In my case I’m using a Self Signed Certificate to encrypt the connection and it need to be added to your client computer “Trusted Root Certificate Authorities” , you don’t need to worry about this step if your certificate is issued by one of the trusted public CAs that participate in the Microsoft Root Certificate Program Members program.
Now let’s start the Deployment :
- Click on the “Add Gateway” icon on your Server Manager Deployment Overview window
- This will open you a “Add RD Gateway Servers” window and you can see available servers that you can install this role if you are added these servers to your server manager, in my case I did not add any servers to the server manager console and I’m going to install this role on the Server which I used to deploy Quick Deployment. Select the server and add to the deployment, once you select the server click “Next” to continue.
- Add your external server name for this SSL certificate name, this is a MUST. Once you done that click on “Next” to continue.
- You can see your FQDN name and the configuration summery at the “Confirmation” step, click “Add” to continue
- At the next window you can see the progress of the deployment
- Once we completed the deployment click on the “Configure certificate” option.
- What happens if you accidentally closed this window, don’t worry still you can find this window under “Edit Deployment Properties”
- This will bring you up the “Deployment Properties” window and click on the “Create new certificate…” option to start the certificate generation
- Type the certificate name same as your external server name, save it in your server to use it for other role services and select the check box to add these certificate to your “Trusted Root Certification Authorities” certification store. Click on “OK” to continue.
- At the Step Select the service roles and click on “Select existing certificate” option to browse and select the certificate and put the password that you used to generate the certificate, add this certificate to the “Trusted Root Authority Certification Store” by selecting the small check box. Click “OK” to continue.
- Click on “Apply” to continue
- Follow the same steps for all the other service roles and click on “OK” to continue
- Now , jump in to your IIS manager and Open the application Settings
- Add your external Gateway Server name to “Default TS Gateway” option