My RD Gateway isn’t picking up the new LE cert, even though I’ve implemented the RD Gateway deployment task and instructed it to restart the service.
My suspicion is that the restart order is occurring too quickly, not allowing enough time for the gateway cache to refresh. But that’s just a guess. It’s what ChatGPT is telling me anyway, and we all know how reliable that beast is.
I’ve only encountered this once, just now, during my initial run after installing the RD Gateway feature anew. I ran the Certify job, and I noted that a new cert was generated. But the RD Gateway admin console still reported ‘no cert’ until I manually restarted the service.
Naturally I don’t want to have to do that with each renewal; that of course defeats the purpose of automation.
But I’m loath to kick off a production run again just to test, as I don’t want to dip into my LE quota frivolously. I figure I should ask about it here first.
Some services like IIS can do it without restarting the service, but some were designed back when certs lasted for years and the assumption was it would be some sort of rare maintenance event.
I’ve selected the option to restart the service. But the restart is taking place too quickly—before the gateway’s cache has a chance to refresh.
Thus the gateway fails to pick up the new cert, even after the automated service restart. That’s why it showed up only after my manual service restart.
OK, I’d suggest running your own similar PowerShell script, but include a wait long enough for the cache to refresh before restarting the service (see Scripting | Certify The Web Docs).
Alternatively, don’t use the restart option in that task and instead add an additional Wait n seconds task then a restart service task.
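
The wait-then-restart script suggested in the reply above could look like the following. This is an added example, not code from the thread or from Certify The Web; the 60-second delay, the `TSGateway` service name and the check through the `RDS:` provider are assumptions to adjust for your server.

```powershell
# Post-request script for a Certify The Web PowerShell deployment task.
# Certify passes the outcome of the certificate request as $result.
param($result)

# Assumption: 60 seconds is long enough for the gateway to see the new cert; tune it.
$delaySeconds = 60
# Assumption: default service name of the Remote Desktop Gateway role service.
$serviceName = 'TSGateway'

if (-not $result.IsSuccess) {
    Write-Output 'Certificate request did not succeed; leaving the gateway untouched.'
    return
}

# Thumbprint of the certificate Certify has just issued.
$expected = $result.ManagedItem.CertificateThumbprintHash

Write-Output "Waiting $delaySeconds seconds before restarting $serviceName ..."
Start-Sleep -Seconds $delaySeconds

# Restart and block until the service reports Running (throws after 2 minutes).
Restart-Service -Name $serviceName -Force -ErrorAction Stop
(Get-Service -Name $serviceName).WaitForStatus('Running', [TimeSpan]::FromMinutes(2))

# Check what the gateway is actually bound to, so a missed pickup fails
# the task instead of going unnoticed until the old certificate expires.
Import-Module RemoteDesktopServices -ErrorAction Stop
$bound = (Get-Item -Path 'RDS:\GatewayServer\SSLCertificate\Thumbprint').CurrentValue

if ($bound -ne $expected) {
    throw "RD Gateway is bound to '$bound', expected '$expected'."
}

Write-Output "RD Gateway is serving certificate $expected."
```

Because the script throws when the thumbprints differ, a renewal where the gateway did not pick up the new certificate fails its own verification step rather than appearing to succeed.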