Find and install certficate package for sbs 2011 essentials

rdpssl-certificatewindows-sbs-2011

Im trying to use my sbs essentials 2011 server to allow users to remote into their machiens remotely

everything is setup on the server but when I try to remote i get the error

"this computer can't verify the identity of the rd gateway" xxxxx" its
not safe to connect to servers that can't be idendified. contact your
network administrator for assistance"

this seems like a cert error so i googled it and i found this website http://www.andrewstechnology.co.uk/reference/tips/44-sbs2011-rd-gateway-cant-verify-error.html

that says there should be a package that i can download and install on home computer to install the certs locally

the problem is that the instructions are for standard edition of sbs and not essentials and the path given doesnt seem to exisit

can anyone point me in the right direction?

Best Answer

According to this thread, you can't. (And I haven't been able to find anything saying you can, nor do I have a copy of SBS to run tests on.)

SBS Essentials should be setup using a trusted SSL certificate from a commercial CA, like GoDaddy / Enom.

There is no Cert Package.zip on SBS Essentials.

If you have setup the server and used all of the Wizards for remote access you will have already installed a valid cert - so my guess is you have not done this.

A couple posts down, it also says you can't do a self-signed cert on SBS essentials either. (Kinda makes me wonder what in the hell the supposed market for this particular OS is, given that it looks like it's more expensive than some of the 2k8 standard offerings. :? But I digress.)

I would try (and this may or may not work, and may or may not violate your licensing agreement, I have no clue) downloading the Install Certificate Package.zip file from a SBS 2011 server, putting it in the expected path and seeing what happens (on a test machine, obviously). Not sure if SBS 2011 essentials has the required services installed to process a certificate request, or even if the .exe is compiled/built by the specific machine it's hosted on, but it seems worth a try.

Failing that, it's buying a cert from a third party CA or living without that functionality. And maybe a lesson in why it's usually not a good idea to save $100 on an OS license if you have to sacrifice fundamental functionality to do so. (Probably a lesson for your boss. Be careful about how and if you mention that lesson, though.)

Related Topic