When attempting to launch a published application or desktop from the vWorkspace Web-IT Portal the error “Because of a protocol error detected at the client (code 0x1104), this session will be disconnected.” “Please try connecting to the remote computer again.” Is displayed.
This can be caused if there is an issue with the Certificate on the Quest vWorkspace Secure-IT Server.
To ensure the Secure-IT Certificate is Correctly Configured, please perform the following;
1. Open a MMC Console as an administrator (C:\Windows\system32\ -> Find and Right click on MMC.EXE -> Select “Run as Administrator”. This step is extremely important on a 2008 server).
2. With a console window open, select “File” and “Add/Remove Snap-in”.
3. Click “Add” (This step not required on a 2008 server).
4. In the “Add Standalone Snap-in” window, select the “Certificates” Snap-in and click Add.
5. In the “Certificates Snap-in” window, select “Computer account” and Next.
6. Ensure the “Local computer: (The computer this console is running on)” is selected and click Finish.
7. In the “Add Standalone Snap-in” window, click “Close” (This step not required on a 2008 server).
8. In the “Add/Remove Snap-in” window, click “Ok”.
9. Under the “Console Root” expand to the following location “Console Root -> Certificates (Local Computer) -> Personal -> Certificates”.
10. Right Click on your Certificate and select “Properties”.
11. *Ensure that the Friendly name is the same as the name on the top of the Certificate Properties Window (Example: Gateway.lab.com should be seen at the top of the Properties Window and the Friendly Name field)*.
12. *Under the Certificate Properties section only has “Client Authentication” and “Server Authentication” selected. If other options are selected, select the “Enable only the following purposes” and select “Client Authentication” and “Server Authentication”*.
13. Once the above is configured, click “Ok” to close the Certificate Properties window.
14. Import or Re-Import the new certificate into the Secure-IT Console and restart the Quest Secure-IT Service.
15. IF NEEDED – The Certificate Issuer may require that “Root” certificates be imported into the “Third-Party Root Certificate Authorities -> Certificates” folder on the Secure-IT Server. This can be done by performing steps 1-8 above and steps 16-19 below.
16. Under the “Console Root” expand to the following location “Console Root -> Third-Party Root Certification Authorities -> Certificates”.
17. Right Click on the “Certificates” folder and select “All Tasks -> Import”.
18. Follow the on screen prompts to import the certificates.
19. Restart the Quest Secure-IT Service.
The following might be seen in a Secure-IT Log file