Yah, I thought is would be a certificate issue. But I also would've thought MS would've taken this into consideration. Time to shell out for a certificate. Got a suggestion for a cheap one? Certificatesforexchange.com works well?
Sent from my FriPad On 2011-08-17, at 5:12 PM, Simon Butler <[email protected]> wrote: > It’s the use of the self-signed certificate. > > Switch it for a commercial certificate and after installing it in through > Exchange, enable it using the SBS wizard. Then it will be installed in to the > RDP gateway as well as the web interface and the error will go away. > > > > Just to expand on that – both SBS 2008 and 2011 certificate wizards presume > that you are using a single name certificate, which means using SRV records > for Autodiscover. However as most people are not, what you do is the > certificate request using the regular Exchange methods (so Shell for SBS 2008 > and the Certificate wizard in 2011), with the usual names, > (remote.example.com, Autodiscover.example.com, server and > server.domain.local) and also including Sites. You then complete the request > in Exchange, but do not enable the certificate for any services. Once the > certificate is installed, the SBS certificate wizard is run, choosing the > option to enable an existing certificate. SBS then puts it in to the relevant > places for you. I am doing three or four of these a week at the moment. > > > > Simon. > > > > > > -- > Simon Butler > MVP: Exchange, MCSE > Sembee Ltd. > > e: [email protected] > w: http://www.sembee.co.uk/ > w: http://exchange.sembee.info/ > > w: http://blog.sembee.co.uk/ > > Need cheap certificates for Exchange, compatible with the iPhone? > http://CertificatesForExchange.com/ for certificates from just $26.99. > Need a domain for your certificate? http://DomainsForExchange.net/ > > > > Exchange Resources: http://exbpa.com/ > > > > > > > > From: Steve Ens [mailto:[email protected]] > Sent: 17 August 2011 22:46 > To: NT System Admin Issues > Subject: SBS 2011 RD Gateway > > > > Got an odd one...did a migration from 2003 to 2011 SBS a few weeks back. The > one nagging issue is on the remote web interface (which is great I might > add). > > > > This computer can't verify the identity of the RD gateway...It's not safe to > connect....yadda yadda.... > > There is no problem connecting directly to the SBS server over RDP, but > through this interface, nada. They want to be able to hit their workstations > through the gateway obviously. > > It's a self signed cert, haven't bought a third party. Anyone seen this > before? I would've figured this config would've been automagic during the > install. > > > > Steve > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
