Our Remote Desktop Gateway is part of our local Active Directory domain, so it has a hostname of rdgsrv01.ourlocaldomain.local. I can connect to the RDSH server just fine through the RDG server from a workstation on our internal network. Now I want to connect from a workstation outside of our network, and I keep getting a certificate error.
How would the proper configuration go for that to work?
We have a public domain, ourdomain.com. So I created the public host record "rdg.ourdomain.com" for our clients to use. On the RDG server itself, I created a self-signed certificate using the same domain name "rdg.ourdomain.com". I imported it so that it's displayed in the section of the RD Gateway Manager where it says "The following certificate is installed on RDGSrv01:"
But it seems that the SSL certificate of the Remote Desktop Gateway server MUST match the FQDN of the server itself. If that is the case, how can this server be accessible from the outside if no one can communicate with ourinternaldomain.local, given that it is a private Active Directory domain? Do I have to add a hosts file entry for that on the remote computer and then use the original certificate on the RDG server?
It works fine when I do that. But adding a hosts file entry for our private Active Directory domain on all remote computers does not seem like a practical solution.
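As an added example (not from the poster or from Microsoft's RD Gateway tooling), the following Python models the name check a TLS client applies to the gateway's certificate: the name the client typed into the connection must appear in the certificate's subjectAltName (or, only if there is no SAN, in the subject CN). It reproduces the scenario above with constructed certificate data in the dict shape returned by `ssl.SSLSocket.getpeercert()`, and shows why the hosts file trick works (the client is then connecting to the name on the original certificate) and why a certificate whose SAN carries the public name does not need it. Name matching is only one of the checks; the issuing CA must also be trusted by the remote workstation, which a self-signed certificate is not by default.

```python
import socket
import ssl

# Constructed sample data modelling the two certificates discussed in the post.
# Original machine certificate: internal FQDN only, no subjectAltName.
INTERNAL_CERT = {
    "subject": ((("commonName", "rdgsrv01.ourlocaldomain.local"),),),
}
# Certificate whose SAN lists the public name clients actually connect to.
PUBLIC_CERT = {
    "subject": ((("commonName", "rdg.ourdomain.com"),),),
    "subjectAltName": (
        ("DNS", "rdg.ourdomain.com"),
        ("DNS", "rdgsrv01.ourlocaldomain.local"),
    ),
}


def _label_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style comparison: exact match, or a single '*' as the leftmost label."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # Wildcard must be the whole leftmost label and must not cover a bare TLD.
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def cert_names(cert: dict) -> list:
    """DNS names a client will check; the subject CN is consulted only when no SAN exists."""
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]


def hostname_matches(cert: dict, hostname: str) -> bool:
    """True if a client connecting to `hostname` would accept this certificate's names."""
    return any(_label_matches(name, hostname) for name in cert_names(cert))


def check_gateway(hostname: str, port: int = 443) -> str:
    """Live check against a gateway: returns 'ok' or the verification error the client sees."""
    ctx = ssl.create_default_context()  # verifies chain and hostname like a real client
    try:
        with socket.create_connection((hostname, port), timeout=10) as sock:
            with ctx.wrap_socket(sock, server_hostname=hostname):
                return "ok"
    except ssl.SSLCertVerificationError as exc:
        return exc.verify_message or str(exc)
```

`check_gateway("rdg.ourdomain.com")` run from an outside workstation reports the same verification failure the Remote Desktop client hides behind its generic certificate error.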