Can someone clear up for me what exactly is needed for certificates in an RDS 2012 R2 farm environment? Yes, I've read posts and documentation, but I am still unclear on a few things:
Do the session hosts in a farm need their own public certificate even though everything is being passed through the connection broker?
I have:
RDGW.internal.net (rdgw.external.com) - RDS gateway and RDS Web -- public certificate for rdgw.external.com
RDCB.internal.net - RDS connection broker, RDS Licensing -- public cert for rdcb.internal.net
RDSH1.internal.net - RDS host 1 -- certificate assigned from internal AD CA
RDSH2.internal.net - RDS host 2 -- certificate assigned from internal AD CA
The two public certs were installed through the session collection interface, and come up as trusted.
Trying to connect from outside, I get an error 0x607 from RDSH1.internal.net.
I am using free StartSSL certs to test. These aren't wildcard, and don't have Sub Alt names assigned. When everything is working, I'll request regular ones from our public CA. But I don't want to purchase one until I am sure what is needed and everything is working.
Event Viewer on RDS1 and RDCB is not showing anything helpful.
B