Tuesday, July 19, 2011

Wildcard Certificate for RD Session Host server farms (2008 R2 SP1)

Kristin Griffin (Microsoft MVP on RDS) has made an interesting discovery. Since SP1, using wildcard certificates for an RD Session Host server farm no longer generates an error! Which is great!

"...Since installing 2008 R2 SP1, I have again tested securing RDSH farm servers using a wildcard certificate and a UCC certificate, and now I get no errors!

Example: I used a wildcard certificate (*.domain.com) for securing RD Gateway, securing the RDWA website, all RDSH farm servers, and for RemoteApp signing, and I now get no errors.

I have not been able to confirm exactly what change has been made by Microsoft but SOMEthing has definitely changed to make using wildcard and UCC certificates for RDSH farm servers work..."

Source: http://blog.kristinlgriffin.com/2011/07/using-wildcard-certificate-and-ucc.html#comment-form


  1. At last, they have finally sorted the error out. We had a wildcard SSL installed on our hosting server and all the clients were getting errors all the time because of this. We had so many phone calls about this error; at least they have sorted it out now.

  2. Hi Tim,

    Thanks for your comment. I agree, this is a major improvement!

    Kind regards,
    Freek Berson

  3. Beware, there may be a regression as of yesterday's (patch-Tuesday) patches. I just woke up to find that my RD Gateway Wildcard server (single server, not a farm) had been de-configured, and I had a hell of a time getting the RD Gateway Manager to accept it again.

    When I originally set up this server it was devilishly difficult to get RD Gateway Manager to accept the wildcard certificate in the first place. I never did figure out what finally made it work. I think there's still some sort of bug lurking around, and it makes me think that wildcard certificates are not part of Microsoft's test matrix for the RD Gateway feature.