Securing Remote Desktop Connections With SSL Certificate From a Trusted Certificate Authority

windows-7 security remote-desktop ssl certificate
8,518

The best that I could find is this: https://support.microsoft.com/en-us/kb/2001849

From the article: Note: It is necessary to edit the registry directly because there is no user interface on Windows client SKUs to configure a server certificate.

Share:
8,518

Related videos on Youtube

JCM
Author by

JCM

Updated on September 18, 2022

Comments

  • JCM
    JCM over 1 year

    Currently I'm using a desktop machine running Windows 7 Ultimate x64. Also have configured it to enable remote connections using MS Remote Desktop Services (RDS); however, since the machine issues its own self-signed security certificate I get a warning every time I connect to this computer.

    enter image description here So my questions are:

    • Would it be more secure if I install a SSL certificate from a trusted CA such as GoDaddy, VeriSign, DigiCert, etc rather than simply continuing using a self-signed certificate?

    Related to the previous question, reading http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication (specific to Windows Server 2003 including SP1), it says that the certificate should be computer based. So, I imagine when creating the Certificate Signing Request (CSR) the Common Name (CN) would the hostname/computer name rather than a domain name.

    • Once I obtain the certificate, how would I install it on the Remote Desktop Protocol (RDP) server so that it is used to secure the remote connections?

    This computer is a member of a workgroup.

    • Marki555
      Marki555 almost 9 years
      Cert from trusted CA won't be more secure. The same security will be achieved by installing the self-signed server certificate on your client machine, so that the cert will be known and it will be able to notify you if someone would try to present you a different cert during an attack.
    • Russell Uhl
      Russell Uhl almost 9 years
      Would it be more secure? no. A trusted CA is essentially used so that you the user (not you the machine) can be confident that the machine you're connecting to is the one you actually mean to be connecting to. You could just as easily create your own self-signed cert with custom information, or just use the default
  • I say Reinstate Monica
    I say Reinstate Monica almost 7 years
    This is essentially a link-only answer.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Error while creating self-signed SSL certificate
RDP client does not consider smart card as valid for authentication
How to make a self-signed certificate trusted?
Every website is showing untrusted certificate warning on all browsers
Install SSL certificate from an untrusted website into the Certificates snap-in using IE
How to set TLS protocols as default after applying KB3140245?
pip cannot fetch URL because of an error with the SSL certificate
How to make computer (or user) trust signed software
Creating a self-signed cert and trusting it for windows RDP (no domain)
Why do I have untrusted certificates for Google, Yahoo, Mozilla and others?