Recently spun up an RDS deployment with both VDI and RemoteApp collections. Users connect through an external Gateway/WebAccess server from personal home computers. The external domain is domain.org and the internal is some.thing.different.org. The entire
deployment has had a publicly-trusted *.domain.org certificate applied through the Deployment Properties and everything is working fine except for 2 prompts. These don't prevent connections and I didn't think much of them, but users being what they are I am
now getting pressure to eliminate them as they are "unsightly"...
1. When initially launching the RemoteApp a prompt is presented with the details of the connection, asking the user to confirm. I assume this is normal and nothing we can do about it, but if there is a way to eliminate it that would be good.
2. Once the connection has started and is redirected to the CB server they receive the second prompt stating the certificate doesn't match the internal domain name. This is the more important one to eliminate as it "looks worse".
My thought would be that one of the deployment's certs need to be replaced with a wildcard for the internal domain name. Alternatively we could create an internal DNS zone with the external domain name, create records for each server with different names and reconnect the servers in the deployment using those names so they are used when establishing the connections path rather than the actual server name. If anyone can help point the way that would be appreciated, I unfortunately don't have a lot of experience with either RDS or certificate management.