I have a certificate issue with my Windows Server 2012 VDI deployment and I hope someone might be able to help me out.
I’m in the process of deploying a pilot VDI environment, set up as follows:
2008 R2 DC
One 2012 server running both the RD Virtualization Host and RD Connection Broker. One 2012 server hosting both the RD Web Access and RD Gateway services.
I have two virtual desktop collections, one running Windows 7 clients and the other Windows 8. Whenever I connect to the Windows 7 VDI client machines via the RDWeb console from a client external to my domain, I receive two certificate errors.
The first is because I've created a server cert from my internal CA for the RDWeb / Gateway so I see the “A revocation check could not be performed for the certificate” error. I'm not too concerned about this as I can solve the problem with a 3rd party cert.
However, once I proceed past this point I see another cert error from the machine I'm connecting to. The machine presents a self-signed certificate (win7-1.mydomain.local) with the error “The certificate is not from a trusted certifying authority”. I have to click “Yes” before I successfully connect to the desktop.
My question is why I see the second certificate error when I connect to the Windows 7 machines, as I don’t see the second cert error when I connect to the Windows 8 desktops.
Both have self-signed certs in the Remote Desktop container under Local Computer and nothing more.
Any suggestions or pointers to best practices for VDI certificates would be greatly appreciated.
Software/Hardware used: Windows 7, Windows 8, Windows Server 2012, Windows Server 2008 R2