I've set up a Remote Desktop session host Gateway/Web/Broker and Session host servers with a valid 3rd party CA wildcard. From the inside it works fine... no cert errors. Our internal domain is a .local and does not match our external domain (which is what the cert has... the external domain name). From the outside I get a cert mismatch error and I can't quite figure out why.
When it fails I can clearly see that the requested computer name is using the internal domain, which would imply why there is a cert mismatch. I've tried using the Set-RDPublishedName.ps1 tool without success (it actually prevents both internal and external access from working, so I've put it back the way it was before). Perhaps I'm going down the wrong path or simply using the tool incorrectly.
Oddly enough from the outside I can just click that I want to continue and it connects like a champ but I'd want to get rid of the cert errors completely.
The client I'm using to test both internal and external access is a Win8.1 U1 machine, fully patched.