2X Remote Desktop Cert error

Discussion in 'Parallels Client for Google Chrome' started by EugeneG1, May 8, 2018.

Tags:
  1. EugeneG1

    EugeneG1 Bit Poster

    Messages:
    2
    Hello,
    I am hoping someone can point me into the right direction. We are running 2X version 10. I know it is very old, but I don't think it matters what version I am running.

    So our gateway server is open via public NAT using gateway mode.
    We use the chrome apps parallels client and windows client to connect.

    So when connecting via chrome app to the gateway server, everything is fine up until we click on the RDP app. At this point we get a certificate error. We installed a certificate via Enterprise CA on the domain level. The issuer is a server part of our internal domain. How would I get the chrome app to recognize it? I get no such issues with the windows client.

    I tried doing this on the gateway server, but no luck. Again i am using Enterprise CA and not using third party. I think this also applies to gateway server, not necessarily the RDP app that I am having issues with.
    https://kb.parallels.com/en/122996

    Any suggestions. I just need this error to go away.
     

    Attached Files:

  2. Valentin@Parallels

    Valentin@Parallels Parallels Support

    Messages:
    61
    Hello @EugeneG1
    This particular behavior is related to the fact that intermediate certificate is not included within domain one thus it can not be verified. Actions described in KB article you mentioned should resolve the issue, however it requires certificate modification.
    If your goal is to simply hide this popup from user's eyes you can enable following option and it will not appear regardless if certificate is actually trusted or not. Please refer to attached screenshot.

    Let me know should you have any additional questions!

    Capture.PNG
     
  3. EugeneG1

    EugeneG1 Bit Poster

    Messages:
    2
    Ok so I think I am getting somewhere now. I changed my certificate to use our wildcard that we got from godaddy instead of the internal domain.

    Based on the KB article:
    Importing this new modified certificate alongside your private key in your 2X ClientSecureGateway will address this behaviour.
    - Can you elaborate exactly were I should import this. Is this going personal certificate section of the gateway server? Or somewhere in 2X Configuration. I am guessing it goes were jpg image. What is the required format of the private key file. Is it pfx?
    NOTE: The Root CA does not require this operation as all supported Root CAs are listed in the trusted.pem files available on Client Installations as well as within the Remote Application Server installation directory.
    - From my understanding I need to install the root CA to the trusted.pem file as well.
     

    Attached Files:

Share This Page