Ask a question

Michael Barnes

Setting up Let's encrypt after using

We set up a new 2016 standard server with essentials role a few months back and set up anywhere access using the free domain which has worked fine for us on previous windows versions however it seems that on server 2016 standard there's a common problem which appears to be with the certificates which means that the server has to be restarted every 24 hours otherwise the anywhere access stops working. My research into this so far seems to indicated that the only solution is to not use

I've had a brief look at your tutorial about using Lets Encrypt certificates but I was wondering if you have any experience with setting this up after previously using In particular for remote workers as I'm assuming that as soon as we complete that tutorial the remote workers will no longer be able to connect via anywhere access? How do we get those remote workers updated with the correct information, would it be a matter of running the connect computer wizard again?


  • Remote Web Access
asked11/21/2018 15:13
Add Comment
Last Activity 12/17/2018 12:29

1 Answer(s)

  • Mariette Knap
    Add Comment
    Luke Haskett


    I'm in the same situation as Michael - the domain is awful in that the server has to be restarted every day - in fact it doesn't seem to be working at all anymore for VPN access. We own a domain and I've asked them to add an A record for with our WAN IP and then try to run your Let's Encrypt tutorial but when I test the certificate it says that the url cannot be verified as accessible - are you able to offer any help with this?


    Mariette Knap

    Hi Luke,

    Is port 80 and 443 open to the server? Please, check here

    replied 12/14/2018 12:55
    Luke Haskett

    Yes, both ports are open for our WAN IP. The system works with the default remotewebaccess - everything works on that except the VPN which fails due to the dodgy SSL certificate that Microsoft provides. Your certify the web program works fine if I add the remotewebaccess as the site binding and produces an SSL certificate but it fails when I try our own domain? 

    replied 12/14/2018 13:38
    Mariette Knap

    How long ago did you add the A record for your domain? It can take up to 24 hours to propagate.

    replied 12/14/2018 13:52
    Luke Haskett


    That might just be it! I just checked on a dns propagation website and it is down so hopefully it will be up tomorrow and all will work out. Thanks for getting back to me so quickly.


    replied 12/14/2018 14:02
    Luke Haskett

    Thanks for your help, it was just the A record propagation and it works now - one last question... the tutorial mentions an auto-renewal script with powershell but in your program I can't see the option to tick for RDP gateway. Has this changed since you wrote the tutorial?

    replied 12/17/2018 12:29

    replied 12/14/2018 12:48
Add an Answer