Hi
I have RemoteApp set up and it's working fine apart from the fact that my SSL cert is issued to webapps.mycompany.com but internally my RDS box is called server-rds.mycompany.local, so when I connect to https://webapps.mycompany.com I do NOT get any SSL cert errors and I can log in fine as my cert is valid for the common name/web site webapps.mycompany.com.
The problem is when I click on a published app and try to run it, it gives an SSL cert warning that the server I'm connecting to doesn't match the name on the SSL cert. I understand this is because the internal and external domains do not match. In RemoteApp Manager, if I change the RD Session Host Server "Connection Settings" server name to webapps.mycompany.com, the published apps won't launch as port 3389 is not open to the outside (if I port forward it works with no SSL warnings, but I don't want 3389 open to the outside, I only want 443), but if I leave it at server-rds.mycompany.local it works with an SSL warning. Is it possible to get this working with no SSL errors if I continue to use .local internally? I don't want to have to manage a mycompany.com zone on my internal DNS server.
Just to add, all RDS roles are on the one server, "server-rds.mycompany.local".
I looked into a SAN/UCC SSL cert but Comodo/GoDaddy have informed me that in two years .local and private IP ranges A,B,C will not be accepted to be listed on an SSL cert from Nov 2015, so this route is kinda out.
https://support.comodo.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1295
https://www.cabforum.org/Guidance-Deprecated-Internal-Names.pdf
https://www.networking4all.com/en/ssl+certificates/faq/change+san+issue/
Any help much appreciated.
Spudney