Problems with RD Gateway

Good morning,

I have problems after creating the certificate that my certificates are deployed to the RD Gateway.

There is a server IIS that manages the role RD Gateway and RD Web Access.
As well as the web server

On this server I have installed Certify the Web.

Then I have another TS1 the terminal server.
This is where the other roles and the applications run.

In the Certify the Web application, I have selected the RD Gateway under Deployment Tasks. In Pre Request, I selected PowerShell and actually just let the service restart.

On the web server the certificate arrives correctly. But on the RD Gateway server the certificate does not arrive.

What do I have to do here?

I have been using this for a long time, but every 90 days I have another problem and always have to invest a lot of time.

Thank you.

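param($result)
# Load the RDS: PowerShell drive provider
Import-Module RemoteDesktopServices

# Bind the newly issued certificate to RD Gateway by thumbprint
Set-Item -Path RDS:\GatewayServer\SSLCertificate\Thumbprint -Value $result.ManagedItem.CertificateThumbprintHash -ErrorAction Stop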

EDIT: I get the message The deployment Task ended with no reported errors

Hi, we do supply an example deployment task but some users with more complex environments will benefit from running their own scripts.

You mentioned pre-request, generally that only applies to validation steps, not deployment, because certificate orders to Let’s Encrypt can and will fail, so you should move your deployment related steps to after the request has completed.

I would suggest that you should investigate using Central Certificate Store (CCS) as you are trying to share one certificate across multiple servers. With that you set a CCS deployment task which copies the cert (for each domain name) to a UNC share, then your server can pick up the cert from there (if the service supports CCS).

I’m not an administrator of RDS or RD Gateway etc so the support I can offer you is limited to whether or not Certify runs the script or not, the exact scripting you will have to run/do will vary depending on your requirements.
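
Added example (not part of any post in this thread, and not Certify's own script): a deployment script meant to run after the request has completed, which binds the certificate to a local RD Gateway and reads the binding back so that a failed deployment raises an error. It assumes `$result.IsSuccess` is populated by Certify and that the gateway service has its default name `TSGateway`.

```powershell
# Added example: post-request deployment script for a local RD Gateway.
# Assumptions: Certify passes $result as in the scripts in this thread,
# $result.IsSuccess is populated, and the service is named TSGateway.
param($result)

$ErrorActionPreference = 'Stop'

# Only deploy when the certificate request actually succeeded.
if (-not $result.IsSuccess) {
    throw "Certificate request failed; RD Gateway binding left unchanged."
}

$thumb = $result.ManagedItem.CertificateThumbprintHash
if ([string]::IsNullOrWhiteSpace($thumb)) {
    throw "No thumbprint was supplied in the result object."
}

# The certificate must be in the machine store with its private key
# before RD Gateway can bind it.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $thumb }
if (-not $cert) { throw "Certificate $thumb is not in Cert:\LocalMachine\My." }
if (-not $cert.HasPrivateKey) { throw "Certificate $thumb has no private key." }

Import-Module RemoteDesktopServices

$path = 'RDS:\GatewayServer\SSLCertificate\Thumbprint'
Set-Item -Path $path -Value $thumb

# Restart the gateway service so the new binding is used.
# This drops active gateway connections.
Restart-Service -Name TSGateway -Force

# Read the binding back: a task that ends without errors does not by
# itself show that the gateway is using the new certificate.
$bound = (Get-Item -Path $path).CurrentValue
if ($bound -ne $thumb) {
    throw "RD Gateway reports thumbprint '$bound', expected '$thumb'."
}
Write-Output "RD Gateway bound to $thumb (expires $($cert.NotAfter))."
```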

Does this help you?

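param($result, $TargetServer, $PFXPass)

# Thumbprint of the certificate being replaced, used for cleanup at the end
$OldThumbprint = $result.ManagedItem.CertificatePreviousThumbprintHash

# Copy the new PFX to a temporary path for import
$SourceFilePath = 'c:\CTW\ctwexp.pfx'
Copy-Item -Path $result.ManagedItem.CertificatePath -Destination $SourceFilePath -Force
# Without -Scope this changes the machine-wide (LocalMachine) execution policy
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Force
# Apply the certificate to every RDS role through the connection broker
$Roles = @("RDRedirector", "RDPublishing", "RDWebAccess", "RDGateway")
$SecurePass = ConvertTo-SecureString -String $PFXPass -AsPlainText -Force
foreach ($Role in $Roles) {
    Set-RDCertificate -Role $Role -ImportPath $SourceFilePath -Password $SecurePass -ConnectionBroker $TargetServer -Force
}
# Remove the temporary PFX copy
Remove-Item $SourceFilePath -Force
# Remove the previous certificate from the machine store
If ($OldThumbprint) { Get-ChildItem -Path cert:\LocalMachine\My | Where-Object { $_.Thumbprint -match $OldThumbprint } | Remove-Item }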
