After publishing a RemoteApp and defining certificates you may still se this information warning:
A website is trying to run a RemoteApp program. make sure that you trust the publisher before you connect to run the program.
The certificate used is trusted but the message is still shown.
On your domain joined clients you can remove this popup by adding the certificate thumbprint to a GPO.
First click on the publisher (here *.gt.local).
Go to the details tab and find the Thumbprint field:
Copy the thumbprint to the clipboard, in this example:
d3 88 39 c2 a3 98 b1 e6 60 d8 e2 32 0a 67 82 0a 07 ea dd 18
Be careful when copying you need to start copying from the first hex number, or you will see a question mark in the copied text, the question mark must be removed.
Create a GPO for your clients, and find this policy:
Computer Configuration – Policies – Administrative Templates – windows Components – remote Desktop Services – Remote Desktop Connection Client – Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
We need to insert the thumbprint from the certificate in this policy, but lets do a little formatting first.
Start PowerShell and use use this command to remove the spaces (“thumbprint here”).replace(” “,””)
Copy the thumbprint without spaces and enable the policy and insert the thumbprint into the policy.
This will remove the popup for your clients in the future, in order to speedup the policy refresh you can use gpupdate on the client.
