The following error was received on a client’s system this morning:
"The digital signature of this RDP File cannot be verified. The remote connection cannot be started."
In this case the RDSH is using self-issued certificates for both Broker services. They had expired. To replace them:
- Server Manager –> Remote Desktop Services –> Collections –> Tasks –> Edit Deployment Properties
- Click Certificates
- Click on the first Broker service and then the Create new certificate button
- Set a password and save to C:\Temp\2015-04-14-SelfIssuedSSL.pfx
- Click on the second Broker service and Select an Existing Certificate
- Choose the above newly created certificate
In the case where our client’s domains are .LOCAL or .CORP or some other non-Internet facing TLD we leave those two self-issued.
If we have an Internet facing domain then we use a third party trusted certificate as can be seen in the snip above.
Because we are deploying a lot of Remote Desktop Services solutions, we always use an Internet TLD for the internal domain, after making sure the client owns that domain and that it is registered for a decade.
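The renewal steps above can also be checked and scripted with the RemoteDesktop PowerShell module. This is an added example, not part of the original post; the broker name, .pfx path and 30-day warning window are assumptions, and it changes nothing unless $Renew is set to $true.

```powershell
# Added example, not from the original post. Run elevated on the RDS management server.
Import-Module RemoteDesktop

$Broker   = 'rdcb01.corp.example.com'    # hypothetical Connection Broker FQDN
$PfxPath  = 'C:\Temp\SelfIssuedSSL.pfx'  # assumed export path; the file name must end in .pfx
$WarnDays = 30                           # assumed warning window
$Renew    = $false                       # set to $true to replace expiring self-issued certs

# The two Broker services on the Certificates page:
# RDRedirector = "Enable Single Sign On", RDPublishing = "Publishing".
$brokerRoles = 'RDRedirector', 'RDPublishing'

$report = Get-RDCertificate -ConnectionBroker $Broker |
    Where-Object { $brokerRoles -contains "$($_.Role)" } |
    ForEach-Object {
        # A role with no certificate configured has no expiry date.
        $days = if ($_.ExpiresOn) {
            [math]::Floor(([datetime]$_.ExpiresOn - (Get-Date)).TotalDays)
        } else { $null }
        [pscustomobject]@{
            Role       = "$($_.Role)"
            Level      = "$($_.Level)"
            Subject    = $_.Subject
            SelfIssued = ([bool]$_.Subject) -and ($_.Subject -eq $_.IssuedBy)
            ExpiresOn  = $_.ExpiresOn
            DaysLeft   = $days
            Expiring   = ($null -eq $days) -or ($days -le $WarnDays)
        }
    }
$report | Format-Table -AutoSize

$due        = @($report | Where-Object { $_.Expiring })
$thirdParty = @($due | Where-Object { $_.Subject -and -not $_.SelfIssued })

if ($thirdParty.Count -gt 0) {
    # A CA-issued certificate is reissued by that CA, not swapped for a self-issued one.
    Write-Warning 'A third-party Broker certificate is expiring: renew it with the issuing CA.'
}
elseif ($due.Count -gt 0 -and $Renew) {
    $pw = Read-Host -AsSecureString 'Password for the exported .pfx'
    # Create a self-issued certificate for the first Broker service and export it...
    New-RDCertificate -Role RDRedirector -DnsName $Broker -Password $pw `
        -ExportPath $PfxPath -ConnectionBroker $Broker -Force
    # ...then select that same certificate for the second Broker service.
    Set-RDCertificate -Role RDPublishing -ImportPath $PfxPath -Password $pw `
        -ConnectionBroker $Broker -Force
}
```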
Philip Elder
Microsoft Cluster MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
Thanks for this, really helped me out :)

Thanks this helped me as well.

I could not make this work. It requires a certificate name but would not accept anything I entered.

Just to say Thanks a lot for the solution!!!

Dario Ramirez
The solution solved the problem.

Thanks!
Thank you!! Your solution fixed my issue

Doesn't work for me either, it will not accept any name for the new certificate.

I get this error and understand the fix, but I am only getting this on ONE client computer. None of these computers are on the domain FYI. Replacing the cert will break all 20 other users so I am hoping to just de-regulate the cert necessity.

I think you must give a name such as NAME.pfx
otherwise it won't let you proceed with the dialog