To secure your 1st RDS web access, you will need to go through the Internet Information Services (IIS) Manager.
In the window that opens :
Since your users will access your RDS web accesses via the cluster name, the certificate to be used will have to be generated for the cluster name and NOT for the name of each RDS web access server.
So, in our case, we'll make a certificate request for the "rds.informatiweb.lan" domain name.
Submit the request to your certification authority via its web interface and download the provided certificate.
Then, in IIS, click "Complete Certificate Request".
In the "Complete Certificate Request" window that appears :
The "rds.informatiweb.lan" certificate appears in the list of server certificates.
Select the default site in : [Name of your 1st RDS server] -> Sites.
Then, click Links in the right column.
Edit the HTTPS binding and select your new certificate : rds.informatiweb.lan.
Since the certificate to be used will be the same, you only need to export the one obtained from the first RDS server and then import it on your 2nd RDS server.
However, you will not be able to simply copy/paste the certificate downloaded from the web interface of your CA, because the downloaded file is in "cer" format and not "pfx".
Indeed, the downloaded certificate doesn't contain the private key that goes with it.
In order to obtain the certificate and the associated private key, and therefore a certificate in pfx format, you will need to export it from the certificate store of your 1st RDS server.
For those who don't know how to access the certificate store of your server, here is the procedure :
Then, in "Personnel -> Certificates", export the "rds.informatiweb.lan" certificate.
Select "Yes, export the private key" to obtain a certificate in PFX format.
Leave the default options and click Next.
Provide a password to protect the private key.
Select where you want to save the certificate in PFX format.
Open the certificate store on your 2nd RDS server and go back to : Personal -> Certificates.
Then, right click "All Tasks -> Import".
Copy/paste the certificate exported from your 1st server to your 2nd RDS server and select it here.
Enter the password previously specified to protect the private key.
The destination certificate store must be : Personal.
Your "rds.informatiweb.lan" certificate appears with a small key displayed on the certificate icon.
Open the Internet Information Services (IIS) Manager on your 2nd RDS server and go back to: [Your server name] -> Server Certificates (in the middle part).
You should see your "rds.informatiweb.lan" certificate.
If this is not the case, the private key associated with this certificate is probably missing. This can happen if you export a certificate in "cer" format (without private key) instead of the "pfx" format (certificate + private key).
Select the default site for your RDS server and edit the HTTPS binding.
In the list of SSL certificates available, you will find your "rds.informatiweb.lan" certificate.
To test access to your cluster, try to access the "https://rds.informatiweb.lan/RDWeb" address from a client computer.
Then, log in with a user of your Active Directory.
RemoteApp programs or desktops appear.
Windows Server 3/8/2019
Windows Server 4/28/2019
Windows Server 3/16/2019
Windows Server 1/13/2019
Pinned content
Contact
® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.
Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.
No comment