So i recently went into a small client to setup a single server RDWeb/RDGateway/RD Session host server… “simple enough” i thought… how wrong i was.
When having a dedicated RDWeb/RD Gateway and a farm behind it – it all fits together nicely… on a single box, i seemed to need to use SAN certs…. which for testing purposes i used the internal enterprise CA to issue and published an online responder for the revocation…. all worked fine in win7…. and i pulled my hair out for days trying to work out why the XP SSO wasnt working….
XP doesnt support online responders…. and if it cant retrieve the revocation infromation, a really fucking unhelpful error message of “the connection has been terminated because an unexpected server authentication certificate….” – FFS… there goes two wasted days of my life … i am absolutely fucking livid….
RD Gateway is great – but the logging is shithouse… it could really do with an equivalent of www.testexchangeconnectivity.com….. would be very handy (and an all in one RDC7/CredSSP/Reg entries package for XP SP3 would be nice too!)