Your network contains an Active Directory domain named contoso.com. The domain has Remote Desktop
Services (RDS) deployed.
The domain contains two servers named Server1 and Server2 that have the Remote Desktop Web Access role
service installed.
The RD Web Access sites are accessible by using theURL https://rdp.contoso.com/rdweb.
You connect to https://rdp.contoso.com/rdweb and you receive the error message shown in the exhibit. (Click
the Exhibit button.)
You need to prevent the error message from appearing when users connect to the RD Web Access sites.
You obtain a server certificate for rdp.contoso.comfrom a trusted certification authority (CA).
What should you do next?
More than one answer choice may achieve the goal. Select the BEST answer.
Exhibit:
A.
On Server1 and Server2, open the Certificates console and import the server certificate to the Trusted
Publishers store.
B.
On Server1 and Server2, open the Certificates console and import the server certificate to the Remote
Desktop certificate store.
C.
From Server Manager, open the properties of the RDS deployment and select the server certificate.
D.
On Server1 and Server2, open Internet InformationServices (IIS) Manager and modify the bindings of the
Default Web Site.
Explanation:
As this is about 2 RD Web Access Servers for a single URL the best answer for me is C)
A domain certificate authority needs to be present,before you setup the RD Web Access Servers (IIS Role),
The default certificate used by IIS (generated by the machine itself) is just a self-issued one which cannot
achieve the Status of “trusted”.
To get that SSL certificate from a domain CA, it isthe easiest way to click “create domain certificate” in IIS
Manager.
IIS will automatically change the bindings on the default Website for https 443.
(Attn: If you setup the RD Web Access before havingan actual installed CA in your lab, IIS might not realize
that – and you may have to change
the bindings manually, at least I encountered that in my lab and that led to my initial belief that answer D should
be right.)
Export the certificate to a .pfx file and import itin the RDS deployment properties in order to get rid of that
certificate error message.
It might take some time / gpupdate until the clientcan connect without that warning, though.