Greetings all,
I am writing a statement of work to deploy a new RDS RemoteApp environment in to our network. I have almost everything figured out with exception of certificates. For some reason I am absolutely confused on how the certs work. Here is what I have so far. Please let me know if I am missing something or if I have something wrong. I actually sure that I'm missing something. The goal here is to make our RDS RemoteApp site available internally and externally without any certificate issues. I am using aliased names for the servers here.
- COMPGW - Gateway Server (in DMZ)
- COMPCB - Connection Broker
- COMPSH1 - Session Host 1
- COMPSH2 - Session Host 2
- Request a new 3<sup>rd</sup> Party public certificate with the following FQDN’s:
rds.comp.com and compgw.comp.com
- Copy the new Third Party public certificate to COMPCB.
- Login to the connection broker – COMPCB.
- Open Remote Desktop Services and select “Tasks” and then “Edit Deployment”.
- Select Certificates.
- For each Role Service of the four roles - “Select existing certificate…” and do the following:
- Browse to the public certificate you requested and type the password and check the box “Allow the certificate to be added to the Trusted Root Certification Authorities certificate store on the destination computers”.
- Click “Apply”
My COMPGW server will reside in our DMZ and I understand that we have a NAT route setup on the firewall. As far as the certificates go and also making sure the site is available publicly I haven't found any concrete information on how to do this.
Any info would be greatly appreciated.
Thanks you
JW