Forum Replies Created
-
Posts
-
Hi
I can’t recall this 100% but as far as I can recall I think my issue was using a self-made certificate.
When I started using our bought certificate I guess things worked out.
But it’s a year ago, so as mentioned – I can’t recall it 100%.
The SQL on DC is mentioned 🙂
The Split DNS sounds fun….. 🙂
Regarding the Redundant Brokers with SQL sounds like I don’t need it then (?)
I’ve already have this open.
When it mentioned SQL I didn’t follow the whole guide to the dot.
I guess I must look through that guide more thoroughly 🙂
We have bought a wildcard certificate I can use, as far as I know.
Just assumed I could test things out seeing the RDP desktop and so on before building the “big setup”.
I will check the guide (I have a lot of tabs open anyway about this) 😀
It seems some things has changed since 2012R2, but I’m not sure.
The “Be aware that you will probably not be able to order a Publicly signed certificate with .local domain names as SAN DNS entries, so Internal clients will need to be able to resolve the Public DNS name and get the Internal IP (Split DNS).” part I’ll have to read a bit about.
IE11 and just tried it on Chrome
Chrome gives this:
NET::ERR_CERT_COMMON_NAME_INVALID
Subject: servername.domain.localIssuer: servername.domain.local
Expires on: 12. jun. 2020
Current date: 12. jun. 2019
I can easily go to the site and login and get the RDP desktop. (I’ve forwarded it to /rdweb)
Chrome says the certificate is invalid.
For now it’s only a test with thin clients, but in the future people should connect from outside.
I’ve tried making a new certificate but seems to export to .pfx only.
I “Create new certificate” under the RDS management on Server 2019
Subject name before was CN=RDS
Now it’s CN=rds.domain.local and sounds more right.The browser however still gives “Fejlkode: DLG_FLAGS_SEC_CERT_CN_INVALID”
And I only have the .pfx certificate
Exported from “Trusted Root Certification Auth.” for a .cer file and installed that in four ways on my own PC, still with no luck. 🙁I’ll look into it.
Thanks for the detailed explanation 🙂
Tak for hjælpen 🙂
Now I know something is setup wrong then.
Because in the browser I get this error: “DLG_FLAGS_SEC_CERT_CN_INVALID”
So the certificate isn’t working there either. I haven’t installed it on my PC, is that needed for this?I tried installing the .pfx but website still gives error
Just tried creating a new certificate following this video [https://youtu.be/oIos0TbZfjY?t=510]
Used it on the server as mentioned in video. Imported in on the Wyse (several attempts is needed before USB is recognized) but still the same error 🙁
I having some days off for now (back tuesday) and will check in here. Hopefully someone can help 🙂
Maybe the problem is elsewhere…Yeah, that’s what I’ve read. But don’t know what that actually mean then.
I’ve just created it and then exported it. So what “real name”? 😀
And of course, thanks for your time answering my questions!
I must use the USB2.0 port and import went well. I imported the self-signed certificate first and tried it. Then the computer-certificate and tried again.
Still gets the “Certificate common name is bad” error 🙁
Thanks for getting the USB working.Do you have any steps I can try fixing the error as well? 🙂
