Hi -
I have a TS Gateway and terminal server on my LAN, FQDN of the gateway is tsgateway.internalname.org. My company's external web presence is via externalname.org. I have DNS configured for tsgateway.externalname.org to point to one of the external addresses on my firewall, which does a NAT to the private internal address for tsgateway.internalname.org. I've tested the TS Gateway scenario with a certificate issued by my internal CA, and using a hosts file to tweak name resolution to make sure I can connect from outside my LAN.
I now want to buy a certificate from a public, trusted CA to use with the TS Gateway. My question is if I get a certificate issued to tsgateway.externalname.org and install it on tsgateway.internalname.org, is that going to work? Is a SAN certificate required - with the internal AND external DNS names?