I am trying to set up RemoteApp for an internal domain. I have a Root CA that is trusted by all of the end computers; that cert has signed a wildcard cert I am trying to use for the server.
I added the pfx of the wildcard cert to the local machine personal store. From there I can use it fine for signing the RD Session Host session.
However, when I try to set up the signature for RemoteApp, the certificate does not show up.
What do I need to do to get my certificate to be available for use?
UPDATE:
The Certificate was generated through the following commands:
makecert -pe -n "CN=*.vw.local" -a sha1 -sky signature -ic VetWebCA.cer -iv VetWebCA.pvk -sv VetWebComputerWildcard.pvk VetWebComputerWildcard.cer
pvk2pfx -pvk VetWebComputerWildcard.pvk -spc VetWebComputerWildcard.cer -pfx VetWebComputerWildcard.pfx
The resultant pfx was added to the machine local store via mmc.
Oddly, going into PowerShell, if I add the -CodeSigningCert flag to find the wildcard certificate, it is excluded from the search results for Get-ChildItem in my Cert:\LocalMachine\My path, but if I don't include it, it is there.
It appears that RemoteApp requires explicit rights to use it for signing; you cannot just use the <All> rights. Changing my cert generation to solves the issue (1.3.6.1.5.5.7.3.1 & 1.3.6.1.5.5.7.3.2 are Client Authentication and Server Authentication rights)
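One way to see which certificates in the machine store carry explicit EKUs and which fall into the <All> case described above, as an added example that is not part of the original post. The function name Get-EkuReport is hypothetical; the two OIDs are the ones quoted in the answer.

```powershell
# Added example: report the Enhanced Key Usage (EKU) state of every certificate
# in a store, so a certificate with no EKU extension (displayed as <All>) can
# be told apart from one that lists its purposes explicitly.

# OIDs quoted in the answer above.
$RequiredOids = @('1.3.6.1.5.5.7.3.1', '1.3.6.1.5.5.7.3.2')

function Get-EkuReport {
    param(
        [string]$StorePath = 'Cert:\LocalMachine\My',
        [string[]]$Required = $RequiredOids
    )

    Get-ChildItem -Path $StorePath | ForEach-Object {
        $cert = $_

        # The EKU extension is optional. When it is absent, Windows treats the
        # certificate as valid for all purposes and the UI shows <All>.
        $ekuExt = $cert.Extensions |
            Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
            Select-Object -First 1

        $oids = @()
        if ($ekuExt) {
            $oids = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
        }

        # Which of the required OIDs are not listed explicitly.
        $missing = @($Required | Where-Object { $oids -notcontains $_ })

        [pscustomobject]@{
            Subject       = $cert.Subject
            Thumbprint    = $cert.Thumbprint
            HasPrivateKey = $cert.HasPrivateKey
            ExplicitEku   = [bool]$ekuExt
            EkuOids       = $oids -join ','
            MissingOids   = $missing -join ','
            NotAfter      = $cert.NotAfter
        }
    }
}

Get-EkuReport | Format-Table -AutoSize -Wrap
```

A row with ExplicitEku set to False is a certificate issued without any EKU extension, which is the situation the question's makecert command produces.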