Set up high availability (HA) on your RDS infrastructure (step by step) on Windows Server 2012 / 2012 R2

  • Windows Server
  • 12/12

13.3. Import the certificates on your RDS infrastructure

Now that you have all the necessary certificates in pfx format, access the deployment properties of your RDS infrastructure.
Then, in the "Certificates" section, select the "RD Connection Broker - Enable Single Sign On" and click on "Select existing certificate".

Note : the procedure for obtaining the certificate for the RDS web access was explained at step "9.4 Secure the 1st RDS web access" of this tutorial.

Select your "rdcb-cert.pfx" certificate, specify the password that protects the private key of this certificate and check the "Allow the certificate to be added to the Trusted Root Certification Autorities certificate store ..." box.

Then, click on "Apply" and do the same for the second line (RD Connection Broker - Publishing).
If your certificate was generated correctly, you will see that the status will be : OK / Success.

Select the "RD Web Access" line and click "Select existing certificate".

Select this time the RDS certificate.

Cliquez sur Appliquer et l'état deviendra aussi : OK / Réussite.

Now, the level should be "Approved" for the 4 role services.
If this isn't the case, it means that the certificate is not considered valid (it may be valid only for another domain, expired or self-signed).

Note : the certificate for the RD Gateway must have been imported when you followed step "12. High availability of the RDS gateway" in this tutorial.

13.4. Certificates summary

In our case, our RDS infrastructure uses 3 different certificates :

  • a certificate valid for the "rdcb.informatiweb.lan" domain which is used by the Broker service
  • a certificate valid for the "rds.informatiweb.lan" domain which is used by the RD Web Access
  • a certificate valid for the "rds.informatiweb-tuto.net" domain which is used by our externally accessible RDS gateway

14. Final tests

Now that everything is set up for full high availability of your RDS infrastructure, all you have to do is check if everything is working fine.
To get started, try to access your RDS web access "https://rds.informatiweb.lan/RDWeb" from a domain member client.

Log in with an user account authorized to access your RDS collection and try to launch a RemoteApp program or a RDS desktop.

Note that the certificate is considered valid and issued by our certification authority.

As you can see, the user will connect to the "rdcb.informatiweb.lan" server (which proves that the connections are now handled by the Broker service).

The client computer connects to the server.

The desired RemoteApp program appears.

To test the gateways, refer to the last step of our tutorial : Implement high availability for your RDS gateways

To see also

Comments

No comment

Share your opinion

Pinned content

Contact

® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.

Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.