Server Security problem with certificate during making a remote desktop connection

Discussion in 'Windows Server' started by JW, Jan 1, 2013.

  1. JW

    JW MDL Novice

    Jan 1, 2013

    I have a home server running Windows Server 2012 Essentials.
    I have a Windows 8 Professional PC to be used as one of the server’s client machines.
    On any attempt to make a connection to the server from the client PC using Remote Desktop I get a warning about a name mismatch. I connect anyway but would like to correct this annoyance if possible.
    My server’s name is serverName (say) (this is also the name that the client “sees” under network in file explorer.)
    Its full name is serverName.mydomainName.local .

    The certificate name mismatch comes as it’s comparing the names serverName with serverName.mydomainName.local

    Yet I set it up by simply answering questions put by the setup wizard of Server 2012 Essentials.
    I just know it's a simple fix for someone in the know. Could someone just explain how?
    Would changing the name from my router under DHCP do the trick?
  2. 100

    100 MDL Expert

    May 17, 2011
    If the host name you connect to doesn't match the name(s) the certificate is issued for, you get an error; that's how it's supposed to work. You will need to either connect to the server's FQDN (serverName.mydomainName.local), or issue a new certificate to the server containing additional host names for which the certificate is valid (known as "subject alternate names"/SAN). Don't know how/if that can be done with the certificate wizard.

    No, DHCP won't affect the certificate validation in any way. Also, renaming the server is a good way to break all sorts of things (especially since it's a DC and CA), so don't try that. :p
  3. JW

    JW MDL Novice

    Jan 1, 2013
    Thanks 100 for your prompt reply. It looks like I'll just have to live with the annoyance, unless anyone else knows of an easy (simple) solution. Seems to me that Microsoft may have overlooked this as servers are generally managed headless (remotely).
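
The name check described in 100's reply, as an added example that is not part of the original thread: a simplified Python model of RFC 6125-style host-name matching (not the Remote Desktop client's actual code), run over the thread's placeholder names. The function names and the reissued certificate's SAN list are assumptions made for illustration.

```python
# Added example: simplified model of RFC 6125-style certificate name matching.
# It is not the Remote Desktop client's code; all names are illustrative.

def _norm(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.strip().rstrip(".").lower()

def name_matches(cert_name, host):
    """True if one certificate name (optionally '*.' wildcard) covers host."""
    p, h = _norm(cert_name).split("."), _norm(host).split(".")
    if len(p) != len(h):
        return False              # 'serverName' has 1 label, the FQDN has 3
    if p[0] == "*" and len(p) > 2:
        p, h = p[1:], h[1:]       # wildcard stands in for the left-most label only
    return p == h

def check_connection(host, subject_cn, san_dns=()):
    """Return (ok, names_checked). DNS SAN entries, if any, replace the CN."""
    names = list(san_dns) if san_dns else [subject_cn]
    return any(name_matches(n, host) for n in names), names

# Constructed inputs: the placeholder names used in the thread.
SHORT = "serverName"
FQDN = "serverName.mydomainName.local"

def demo():
    return {
        # Certificate issued for the FQDN only, as in the question.
        "short name, FQDN-only cert": check_connection(SHORT, FQDN)[0],
        "FQDN, FQDN-only cert": check_connection(FQDN, FQDN)[0],
        # Hypothetical reissued certificate whose SAN lists both names.
        "short name, cert with both SANs": check_connection(SHORT, FQDN, [FQDN, SHORT])[0],
        # In this model a SAN list that omits the FQDN no longer covers it.
        "FQDN, cert with short-name SAN only": check_connection(FQDN, FQDN, [SHORT])[0],
    }

if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:40} -> {'match' if ok else 'NAME MISMATCH'}")
```

The last case shows why a reissued certificate should list every name clients will use, the FQDN included.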