Eliminating HP Thin Client RDP Certificate warning popups

CBT · 09 Jul 2015

We are currently attempting to upgrade a large amount of older machines at our facilities to WES7 thin clients, HP models t5740e. The rollout has been going quite well with one nagging complaint; a warning box when trying to connect to the RDP server.

Every time a user clicks the 'connect' button on the HP Connection Manager, we get the following :

We have joined the thin clients to the domain, created certificates, and we assigned trusted root CAs via Group Policy, but the warning persists. Going in through IE on the machine shows us the certificate IS being trusted despite the warning box stating otherwise.

The only way we've been able to get the warning to stop showing up is by disabling all the local resource redirections (IE : 'redirect local printers', 'redirect comm ports', and so on). I honestly don't know why that would affect the certificate being trusted or not, but it's not a good fix for us. We need local resource redirections for about half our deployments.

Has anyone here had experience with this or a similar issue?

Kari · 09 Jul 2015

Hi CBT, welcome to the Seven Forums.

Do this on remote clients, both in Group Policy > Computer Configuration and Group Policy > User Configuration:

(Click to enlarge)

If it does not resolve your issue, see this article for further information: How to resolve the issue: ?A website wants to start a remote connection. The publisher of this remote connection cannot be identified.? - Remote Desktop Services (Terminal Services) Team Blog - Site Home - MSDN Blogs

Don't let the title fool you; in your case it's not a website making a remote connection but the workaround is the same.

Kari

GokAy · 10 Jul 2015

What happens when you tick that box "don't ask again ..." in the popup window shown in the screenshot?

Kari · 10 Jul 2015

GokAy said:

What happens when you tick that box "don't ask again ..." in the popup window shown in the screenshot?

That's not the point; of course then this dialog is no longer shown in consequent connections. The point is how to avoid it in the first place, not showing a single time not even the first time.

CBT · 10 Jul 2015

GokAy said:

What happens when you tick that box "don't ask again ..." in the popup window shown in the screenshot?

Actually? It still pops up. At first I thought it was the write filter but even with EWF disabled the 'don't' ask again' never seems to work.

I'm kind of thinking it's something specific to the HP connection manager though, just because the popup vanishes if we're not choosing any of the local redirection options (Redirect local storage, redirect comm ports, redirect printers, etc). Unfortunately we're using refurbed thin clients due to Administration wanting to save as much $$$ as possible, and HP has refused to help citing 'out of warranty' thin clients.

We did enable SHA1 thumbprint but only on the computer configuration section and not user configuration section. I'll test that out and see what the result is.

CBT · 21 Jul 2015

Apologies for the tardy response, opening a new building has been crazy busy. Even with the SHA1 thumbprint option turned on, it still gives us the warning error. Any other thoughts as to how we can approach this?

Kari · 21 Jul 2015

Honestly, I have no idea. Enabling the SHA-1 thumbprint should have taken care of that. I will come back if I find something. Please, if you find a solution come back and post it.