Hi,
I am seeing a strange issue on a windows server 2012 RDS deployment.
Setup is:
2 x management server running gateway, rdweb and HA session broker
3x RDSH servers
All certs are from internal PKI (URL’s and FQDN’s are correct)
The issue I am seeing is when using windows xp machines to access apps published in a RDWeb site I am getting
“the connection has been terminated because of an unexpected server authentication certificate was received from the remote computer”.
This error seems to be related to the CRL of the certs. Using certutil I am able to successfully access the CRL.
Windows 7 computers work with the deployment above but they also have a CRL error:
“A revocation check could not be performed for the certificate”
This can be bypassed and the apps are accessible. Again certutil successfully can access the CRL.
I have done all of the usual’s:
Ensure the root CA is installed in the computer trusted root ca
Manually download and apply the CRL
Verify the CRL is accessible
Cut new certs
Ensure all of the computers names and aliases are in as SAN’s
Forced used of gateway server
Bypassed gateway server
Removed all servers but 1 server running all components (RD GW, RD CB, RDWEB and RDSH)
Any thoughts?
Thanks,
Ciaran