Remote Desktop Web Access and Certificate Services

May 26, 2012 at 05:56:35
Specs: Windows 64, 2.812 GHz / 2047 MB
I have Remote Desktop Web Access working fine but find that I need to add a Certificate to that server in order to stop the multitude of warning messages the client user has to click through. Can anyone advise me whether Active Directory Certificate Services requires Active Directory installed to work or can just be installed on it's own on the same machine as the Remote Desktop Server.


See More: Remote Desktop Web Access and Certificate Services

Report •

May 31, 2012 at 11:25:21
You can install it on its own machine.


Report •

May 31, 2012 at 13:15:47
Thanks Tony. I tried that but then had problems attaching that Certificate to RD Web access. From what I read I got the feeling that this was because I had no domain involved but maybe that wasn't the problem.

Report •

June 1, 2012 at 08:05:29
What I am actually trying to do is configure Web Single Sign-On for RemoteApp so that clients can use applications from RD Web Access without having to click through half a dozen warning messages. Can anyone explain to me how to setup a Certificate on a standalone RD Web Access server.


Report •

Related Solutions

June 1, 2012 at 10:29:51
First off, don't use a certificate from AD certificate services, it'll only be trusted by computers in your own network. Buy a cheap certificate from Install the certificate using IIS, refer to IIS 7 SSL Certificate CSR Creation if you don't know how to request one. Once you have done that, apply it to your RD Web access website, your TS Gateway (if you're using one), and your TS listener. If you need screenshots, I can make some up. You can also hire me to do this for you :-)

BL Technical Services
IT Support for Small Businesses

Report •

June 2, 2012 at 08:16:52
We don't really want to buy a certificate for each site this gets deployed on just using a self-signed cert would be fine, if it worked.

I have now established that IIS creates it's own self-signed certificate as it installs. Problem is I don't seem to be able to add this to the client machine.

Installing it over the web allows it to be placed in Personal certificate store but that doesn't solve the problem the certificate still shows a Certificate Error. Trying to place it in the Trusted Root Certificate Authorities store seems to work and says that it has imported correctly but when I check it is not in there.

Exporting the certificate to a file and importing from there is much the same, If I add it to Trusted Root Certificate Authorities store it goes there ok but then just disappears a few seconds later.

Report •

July 21, 2012 at 07:15:31
When you import the certificate on the client machines, specify the trusted root CA store instead of the default. On Windows XP clients, the trusted root CA store was default, on later editions, it is now personal, which makes sense from a security standpoint. You could also deploy it through group policy to all of your clients, but this won't help for the computers that are not part of your domain.

On a side note, how many sites are we talking about? You can get a cheap cert from Godaddy for $13/year or less. How much time will you spend with your users importing certificates from the browser into the trusted root CA store? I bet it would end up costing your company more in your time than it would to buy the certs.

Andrew Leonard
BL Technical Services
IT Support Maryland

Report •

Ask Question