I know this topic has been beaten to death but the sheer amount of posts makes it difficult to decipher the fix.
Background:
Windows Server 2012 RDS infrastructure
*Gateway/Web Access/Licensing/Connection Broker roles on 1 Server 2012 VM
-Gateway configured with options:
- Use these RD Gateway server settings | server name: scottapps.com
- Logon method | Password authentication
- Use RD Gateway credentials for remote computers - enabled
- Bypass RD Gateway server for local addresses - enabled
- 3rd party SAN certificate (GoDaddy) with name "*.scottapps.com" installed and enabled for all role services (RDCB - enable single sign on; RDCB - publishing; RDWC; RDG)
*Session Host role installed on 3 separate VMs (each a separate VM running Server 2012)
*3 Remote App collections published (each going to their respective server)
*BYOD scenario - clients running Win7/Win8 connecting to RD Web. Working from home, offsite, etc.
2 issues:
*Being prompted twice for credentials - once when logging into RD Web (of course) and then again once a Remote App is selected. Not prompted twice internally from other server 2012 boxes joined to the domain. This leads be to believe if I used Win8 it wouldn't happen? http://blogs.msdn.com/b/rds/archive/2012/06/25/remote-desktop-web-access-single-sign-on-now-easier-to-enable-in-windows-server-2012.aspx
*Getting the "the identity of the remote computer cannot be verified..." warning. Not sure how to fix this since the internal name of the servers is xyz.local and the name of the SAN SSL cert is *.scotapps.com
Thanks!