cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Certificates are cached too aggressively in RD Web Client

Certificates are cached too aggressively in RD Web Client
5

Upvotes

Upvote
 Aug 21 2022
5 Comments (5 New)
New

We use the RD Web Client (Latest version 1.0.27) Normally it works really well, but then once a year we have to update our SSL Certificates.

 

The problem is the Web Client likes to cache the old certificate and not get the latest certificate. This results in people getting the following error:

cpmcgrath_0-1661119167217.png

Hitting F5, Ctrl F5 does not resolve this. The following are the instructions we have to give the AVERAGE USER to get them passed it:

 

* Press F12 to open DEVTOOLS

* Press F1 to open DEVTOOLS SETTINGS

* Under Networking tick Disable Cache (while DevTools is open)

* On the tab, refresh the page with F5.

* Close the DevTools tab

 

Luckily these instructions more or less work for every major browser. But I think you can see that no end user should have to do anything as crazy as this.

 

This also makes the move towards certificates with a shorter life impossible.

 

Can this please be looked into with urgency?

 

(Note: I know this is the Azure Virtual Desktop Feedback, but It's what the feedback button in the web client links to. If there's a better place to provide this feedback please let me know)

Comment
Comments
Moonigan
Copper Contributor
‎Jan 04 2023 11:43 PM
‎Jan 04 2023 11:43 PM

This is a massive PITA for us for the same reason but your solution is a lot cleaner than what had been previously suggested which involved clearing the local browser cache on the client.

DanHagerman
Copper Contributor
‎Mar 21 2023 09:45 AM
‎Mar 21 2023 09:45 AM

I agree, this is also an issue for us.  

rkapsammer
Copper Contributor
‎May 26 2023 02:01 AM
‎May 26 2023 02:01 AM

That's really a mess from an UX perspective.

 

And with shorter validity periods of the certficates this is going to be even more of a problem...

andymensch
Copper Contributor
‎Jan 31 2024 06:51 AM
‎Jan 31 2024 06:51 AM

Hi Chris,

 

I also just ended up on this post, having the same issue.

Thanks to your workaround I now have that.

 

While now every end user needs to do some pseudo-deep-technicians-stuff, I am investing time into excessively extend the liftetime of my RD Webclient certificate - to 5 or 10 years.

I can recommend anyone to do the same.

cpmcgrath
Copper Contributor
‎Jan 31 2024 05:10 PM
‎Jan 31 2024 05:10 PM

I would just be careful about extending the lifetime of your certificates beyond a year. Chrome refuses to accept the validity of certificates with a lifetime over 398 days. This only applies to publicly trusted CAs, so maybe that's how you get around it. But personally, I think certificates signed by a publicly trusted CAs should be the expectation.

Similar Ideas
No similar ideas