Spad
  • Spad
  • 55.4% (Neutral)
  • Nestling Topic Starter
2009-08-03T03:04:27Z
The company I'm currently working at has a stupidly long FQDN for their internal domain (20 characters), which is a complete pain the arse to type for an RDP connection, but they're also using TLS/SSL for the RDP connections.

So, in order to avoid lots of annoying "Certificate doesn't match" warnings, it would be handy to have an "Append this FDQN to hostname" option for the connection properties - or even just a check-box to append the "Domain" field. That way I can avoid all the annoying warnings without having to quadruple my typing 🙂
Krash_Control
2009-08-03T07:41:21Z
Have you tried appending the dns suffix to your network connection instead?

Network Properties > TCP IP > Advanced > DNS > Append these DNS suffixes (in order)

We use it all the time as we have sites that are Customer.ourdomain.net and I just add ourdomain.net as one of the suffixes and all I have to do is type "Customer" in RD Tabs and it works great.
Spad
  • Spad
  • 55.4% (Neutral)
  • Nestling Topic Starter
2009-08-03T07:53:03Z
That works fine for connecting, but it doesn't address the Certificate naming issue - sure we could reissue all the server certificates to include the hostname as a SAN but it's a little excessive for 100+ servers (we've already done it for the terminal servers, but that's because it's a user experience issue, the rest of them are purely for the benefits of the admins).

UserPostedImage
Timothy
  • Timothy
  • 100% (Exalted)
  • Flock Leader
2009-08-03T16:16:17Z
That wouldn't be difficult to implement. i can add that to the list of features. but you have another problem. notice the "certificate is not from a trusted certifying authority." You'll still get that. 🙂
Spad
  • Spad
  • 55.4% (Neutral)
  • Nestling Topic Starter
2009-08-04T02:53:03Z
Timothy wrote:

That wouldn't be difficult to implement. i can add that to the list of features. but you have another problem. notice the "certificate is not from a trusted certifying authority." You'll still get that. :-)



Yeah, I know, that's another issue entirely, but easily fixed without too much typing 🙂
Users browsing this topic
full film