Using Certifcates in RemoteAPP Windows 2016 Server

Question

I have RDS Broker, Gateway , (and another server that i can't think of) and 4 Terminal Server. How do create or use any existing certificate to trust certificate on the 4 Terminal Host Servers ?

A simple and easy method.....as read many forums with different answers

Answer 1

Hi

Does you want to use a self-signed certificate or one you buy ?

Do you plan to make a cluster ?

For a simple scenario, for self-signed you can create it via the Remote Desktop Wizard. You need to create a GPO to push it to your domain computer after if you intend to use SSO with your farm, or you can let the user bypass the warning if not domain joined. The only drawback of this method is the certificate is only valid 1 year, so you need to renew it each year.

Answer 2

Hi there,

You can use the GPO to push down the appropriate Secure Sockets Layer (SSL) certificates (or equivalent certificates that chain to a trusted root) for account federation servers, resource federation servers, and Web servers to each client computer in the account partner forest by using Group Policy.

Membership in Domain Admins or Enterprise Admins, or equivalent, in Active Directory Domain Services (AD DS) is the minimum required to complete this procedure.

Distribute Certificates to Client Computers by Using Group Policy
https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/distribute-certificates-to-client-computers-by-using-group-policy

-----------------------------------------------------------------------------------------------------------

--If the reply is helpful, please Upvote and Accept it as an answer--