Configure Certificate Settings for Remote Web Workplace

In this optional task, you configure your Remote Web Workplace URL (for example, with a public certificate from a trusted certificate issuer. We recommend that you configure a public certificate instead of the private certificate that is issued by default by Windows EBS. This allows users to connect to Remote Web Workplace with a Secure Sockets Layer (SSL) connection that is verified with a publically trusted certificate.


As an advanced option, you can choose to use the default private certificate for Remote Web Workplace. In this case, deploy a self-signed certificate package to your remote computers so that the remote Web browsers can validate the server running Remote Web Workplace. For more information about installing the self-signed security certificate, see the Microsoft Web site (

To configure Remote Web Workplace with a public certificate

  1. If you do not already have a public certificate for the Remote Web Workplace URL, obtain one from a trusted certificate issuer. You may need to contact your Internet service provider for assistance.


    You may use a wild-card certificate for your domain, if you have one.

  2. Deploy the public certificate to the Trusted Root Certification Authorities store on the Security Server. For help with importing server certificates, click Start, and then click Help and Support.


    You must install the certificate in the computer account’s personal certificate store.

  3. Add the certificate to the external Web listener for Remote Web Workplace in Forefront TMG. For information about modifying the publishing rule for Remote Web Workplace, see the Microsoft Web site (