(Msg. 1) Posted: Thu Mar 13, 2008 5:40 pm Post subject: Terminal Services Gateway Server dropping its SSL Certificate Mapp Archived from groups: microsoft>public>windows>terminal_services (more info?)
I have installed Terminal Services Gateway on a Windows 2008 server. This
server is running my "grunt" services such as being the domain controller,
DNS, and is also running Certificate Services (configured as an Enterprise
CA). I am running ISA Server 2006 on another machine.
I had Gateway Services working great and then all off the sudden when I
connected to the Gateway Services Manager it immediately dropped the mapping
for the SSL certificate and broke the connections. Now, every time I map the
certificate it accepts the configuration but when I refresh on the server it
loses it's mapping, saying "xx is not yet fully configured as a TS Gateway
server...".
Can anyone help with this? I'm simply stumped. I don't see any useful
information in the event logs except for HTTPEvent Warnings ID 15300 and
15301 "SSL certificate settings deleted for port %internalIP%:443 and SSL
certificate settings created by an admin process for port %internalIP:443".
The cert that I'm using both for the Gateway Services mapping and the ISA
2006 listener meets the requirements with one exception- the subject doesn’t
resolve to the machine name. I do, however, have a cert that is the fully
qualified name of the server and I get the exact same behavior in the Gateway
Services Manager.
(Msg. 2) Posted: Thu Mar 13, 2008 5:59 pm Post subject: RE: Terminal Services Gateway Server dropping its SSL Certificate Mapp [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Actually, I just found the solution. I missed an important clue in what I
did to break it.
I changed the IIS SSL bindings to bind the cert to one specific IP address
instead of the default "all unassigned". I changed this back and everything
works great. I can't imagine this is by design- it has to be a bug? oO
(Msg. 3) Posted: Wed Mar 26, 2008 11:50 am Post subject: Re: Terminal Services Gateway Server dropping its SSL Certificate [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
On Mar 13, 7:40 pm, Tom Hundley <TomHund....TakeThisOut@discussions.microsoft.com>
wrote:
> I have installed Terminal ServicesGatewayon a Windows 2008 server. This
> server is running my "grunt" services such as being the domain controller,
> DNS, and is also running Certificate Services (configured as an Enterprise
> CA). I am running ISA Server 2006 on another machine.
>
> I hadGatewayServices working great and then all off the sudden when I
> connected to theGatewayServices Manager it immediately dropped the mapping
> for the SSL certificate and broke the connections. Now, every time I map the
> certificate it accepts the configuration but when I refresh on the server it
> loses it's mapping, saying "xx is not yet fully configured as a TSGateway
> server...".
>
> Can anyone help with this? I'm simply stumped. I don't see any useful
> information in the event logs except for HTTPEvent Warnings ID 15300 and
> 15301 "SSL certificate settings deleted for port %internalIP%:443 and SSL
> certificate settings created by an admin process for port %internalIP:443".
>
> The cert that I'm using both for theGatewayServices mapping and the ISA
> 2006 listener meets the requirements with one exception- the subject doesn't
> resolve to the machine name. I do, however, have a cert that is the fully
> qualified name of the server and I get the exact same behavior in theGateway
> Services Manager.
>
> Thanks in advance for your assistance,
>
> Tom Hundley
> Elegant Software Solutions, LLC
Tom,
Did you ever get a solution to this problem? I am literally having
the same problem with nearly the same setup. I don't have the ISA
going on but a cert for TS Web Access works great but refreshes to
Gateway loses the cert I select each time.
(Msg. 4) Posted: Wed Mar 26, 2008 12:05 pm Post subject: Re: Terminal Services Gateway Server dropping its SSL Certificate [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
On Mar 26, 1:50 pm, dawho9 <richard.brynte... DeleteThis @gmail.com> wrote:
> On Mar 13, 7:40 pm, Tom Hundley <TomHund... DeleteThis @discussions.microsoft.com>
> wrote:
>
>
>
> > I have installed Terminal ServicesGatewayon a Windows 2008 server. This
> > server is running my "grunt" services such as being the domain controller,
> > DNS, and is also running Certificate Services (configured as an Enterprise
> > CA). I am running ISA Server 2006 on another machine.
>
> > I hadGatewayServices working great and then all off the sudden when I
> > connected to theGatewayServices Manager it immediately dropped the mapping
> > for the SSL certificate and broke the connections. Now, every time I map the
> > certificate it accepts the configuration but when I refresh on the server it
> > loses it's mapping, saying "xx is not yet fully configured as a TSGateway
> > server...".
>
> > Can anyone help with this? I'm simply stumped. I don't see any useful
> > information in the event logs except for HTTPEvent Warnings ID 15300 and
> > 15301 "SSL certificate settings deleted for port %internalIP%:443 and SSL
> > certificate settings created by an admin process for port %internalIP:443".
>
> > The cert that I'm using both for theGatewayServices mapping and the ISA
> > 2006 listener meets the requirements with one exception- the subject doesn't
> > resolve to the machine name. I do, however, have a cert that is the fully
> > qualified name of the server and I get the exact same behavior in theGateway
> > Services Manager.
>
> > Thanks in advance for your assistance,
>
> > Tom Hundley
> > Elegant Software Solutions, LLC
>
> Tom,
>
> Did you ever get a solution to this problem? I am literally having
> the same problem with nearly the same setup. I don't have the ISA
> going on but a cert for TS Web Access works great but refreshes toGatewayloses the cert I select each time.
>
> Richard
Wow. Darn news reader didn't show Tom's solution. I can confirm this
worked for me as well! Change from IP to Any Address in IIS. For me
it was TS Web Access.
(Msg. 5) Posted: Thu Mar 27, 2008 4:01 am Post subject: RE: Terminal Services Gateway Server dropping its SSL Certificate [Login to view extended thread Info.] Archived from groups: per prev. post (more info?)
Hi.. I have the same problem but i Have to use one Specific IP address, i
can't use the "All unassigned" because it is alredy in use by another SSL
certificate..
How can i bind the TS gateway to a specific IP number??
/Jonas
"Tom Hundley" wrote:
> Actually, I just found the solution. I missed an important clue in what I
> did to break it.
>
> I changed the IIS SSL bindings to bind the cert to one specific IP address
> instead of the default "all unassigned". I changed this back and everything
> works great. I can't imagine this is by design- it has to be a bug? oO
>
> Reference thread in the forums:
>
> http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=3003413&SiteI...7&mode=
All times are: Eastern Time (US & Canada) (change)
Page 1 of 1
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
