How to install my own custom domain certificate in Windows Server 2008 R2 to use the certificate to connect via RDP

Anonymous
2024-02-02T09:16:08+00:00

I have a Windows Server 2008 R2 machine; when I connect to it via remote connection, it shows that the certificate is not trusted.

How do I configure it to use another certificate instead of the one it is using now for connecting?


Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.


5 answers

  1. Anonymous
    2024-02-05T01:32:44+00:00

    Hello {AK},

    Thank you for posting in Microsoft Community forum.

    To install a custom domain certificate in Windows Server 2008 R2 for use with Remote Desktop Services, you can follow these steps:

    1. Obtain the custom domain certificate from a trusted certificate authority (CA) or generate a self-signed certificate using a tool like OpenSSL.
    2. Open the Remote Desktop Session Host Configuration tool by clicking Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.
    3. In the left pane, select the RDP-Tcp connection under Connections.
    4. In the right pane, click the General tab and then click Select under the SSL Certificate section.
    5. In the Select Certificate dialog box, select the custom domain certificate you obtained or generated in step 1 and click OK.
    6. Click Apply and then click OK to close the Remote Desktop Session Host Configuration tool.
    7. Restart the Remote Desktop Services service by clicking Start > Administrative Tools > Services, finding the Remote Desktop Services service, right-clicking it, and selecting Restart.

    After completing these steps, the custom domain certificate should be used for Remote Desktop Services connections instead of the previous certificate.

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,

    Haijian Shan

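A check to run after the steps above, as an added example that is not part of the original answer: it lists the certificates in the computer's Personal store, flags the usual reasons one is not offered or not trusted for RDP (no private key, expired, wrong EKU, name mismatch), and shows which one the RDP-Tcp listener is bound to. It is written for PowerShell 2.0; `$ConnectName` is a placeholder and the eligibility criteria are stated as assumptions in the comments.

```powershell
# Added example (PowerShell 2.0 compatible). Run elevated on the RD Session Host.
# $ConnectName is a placeholder: the host name users type into the RDP client.
$ConnectName = 'rdp.example.test'
$serverAuth  = '1.3.6.1.5.5.7.3.1'        # Server Authentication EKU
$rdpAuth     = '1.3.6.1.4.1.311.54.1.2'   # Remote Desktop Authentication EKU

# Thumbprint the RDP-Tcp listener is using right now
$ts = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
        -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
$bound = $ts.SSLCertificateSHA1Hash
$now   = Get-Date

Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_
    # Collect EKU OIDs. Assumption: no EKU extension means no usage restriction.
    $ekus = @()
    foreach ($ext in $cert.Extensions) {
        if ($ext -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]) {
            $ekus += @($ext.EnhancedKeyUsages | ForEach-Object { $_.Value })
        }
    }
    $ekuOk = ($ekus.Count -eq 0) -or ($ekus -contains $serverAuth) -or ($ekus -contains $rdpAuth)

    # First DNS name on the certificate (SAN entry, else subject CN); other SANs are not checked
    $dns = $cert.GetNameInfo(
        [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false)

    New-Object PSObject -Property @{
        Thumbprint    = $cert.Thumbprint
        DnsName       = $dns
        HasPrivateKey = $cert.HasPrivateKey
        InValidity    = ($now -ge $cert.NotBefore) -and ($now -le $cert.NotAfter)
        EkuOk         = $ekuOk
        NameMatches   = ($ConnectName -like $dns)   # also accepts a wildcard name
        ChainTrusted  = $cert.Verify()              # trust as seen by this server
        BoundToRdp    = ($cert.Thumbprint -eq $bound)
    }
} | Format-Table Thumbprint, DnsName, HasPrivateKey, InValidity, EkuOk,
                 NameMatches, ChainTrusted, BoundToRdp -AutoSize
```

If `BoundToRdp` is False on every row, the listener is using a certificate from outside the Personal store, typically the self-signed one Windows generates for RDP. `ChainTrusted` reflects only the server's trust store; the connecting client must also trust the issuing CA for the warning to go away.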
  2. Anonymous
    2024-03-18T13:11:16+00:00

    Hi Haijian Shan,

    This shows there.

    Then I installed the certificate and restarted the machine, but it still shows this.

    Please guide me with the process by which I can install the certificate in the machine so that it can be selected from the Remote Desktop Session Host Configuration.

    Image

  3. Anonymous
    2024-03-19T13:30:46+00:00

    Hi Haijian Shan,

    I installed the certificate on the server, changed it in the RDP host configuration, and then restarted the server, but when I tried to connect to the server via RDP I am still getting the same error.

    Image

  4. Anonymous
    2024-03-21T09:36:01+00:00

    Hello {AK},

    Thank you for your reply.

    Luckily, I found a document on how to resolve Certificate Warnings, which you can refer to.

    Remote Desktop Connection (RDP) - Certificate Warnings - Microsoft Community Hub

    I hope the information above is helpful.

    Best Regards,

    Haijian Shan

  5. Anonymous
    2024-10-30T14:11:18+00:00

    Hi Haijian Shan,

    I completed the installation of the certificate in the RDP session by following these steps.

    Part 1: Install RD Gateway Role Service

    To set up the Remote Desktop Gateway (RD Gateway), the following steps were completed:

    1. Open Server Manager:

    The server was logged into and Server Manager was opened from the Start menu.

    2. Add the Remote Desktop Services Role:

    In Server Manager, the Roles section on the left was clicked. Then, Add Roles was selected.

    3. Select the RD Gateway Role:

    In the Add Roles Wizard, Remote Desktop Services was selected, followed by clicking Next. Under Select Role Services, Remote Desktop Gateway was checked, and Next was clicked.

    4. Skip SSL Certificate Configuration for Now:

    When prompted for an SSL certificate, Use SSL Certificate Later was chosen, or Self-signed certificate was selected temporarily if a custom certificate would be added later.

    5. Review and Complete Installation:

    After reviewing the configuration, Install was clicked to begin the installation. Once the process was completed, Close was clicked to finalize the installation.

    Part 4: Prepare a Trusted .p12 Certificate

    To use a custom certificate with the Remote Desktop Gateway, the .keystore certificate file was converted to a .p12 format.

    1. Locate and Place the Keystore File:

    The .keystore certificate file was copied to the following directory:

    C:\Program Files\Java\bin

    2. Convert the Keystore to .p12 Format:

    The following keytool command was executed in Command Prompt, navigating to the bin directory where the .keystore file is located:

    cd C:\Program Files\Java\bin

    The .keystore file was then converted to .p12 format.

    3. Verify .p12 Certificate Generation:

    The .p12 file was successfully created in the directory C:\Program Files\Java\bin.

    Part 5: Install the Certificate Using MMC (Microsoft Management Console)

    Once the .p12 certificate was generated, it was imported into the server's certificate store.

    1. Open MMC:

    The Microsoft Management Console (MMC) was opened by pressing Win + R, typing mmc, and pressing Enter.

    2. Add Certificates Snap-in:

    In MMC, File > Add/Remove Snap-in... was selected. In the Add or Remove Snap-ins window, Certificates was chosen and added, selecting Computer account and clicking Next and Finish.

    3. Import the .p12 Certificate:

    In MMC, the following steps were followed to import the .p12 certificate:

    • Expanded Certificates (Local Computer) > Personal.
    • Right-clicked Personal, selected All Tasks > Import to start the Certificate Import Wizard.
    • In the wizard, the .p12 file was located, the password for the certificate was entered, and the certificate was imported into the Personal store.

    Part 6: Assign the Certificate to Remote Desktop Services

    After importing the certificate, it was bound to the Remote Desktop Services (RDS) for use with the RD Gateway.

    1. Open Remote Desktop Session Host Configuration:

    The Remote Desktop Session Host Configuration was opened by navigating to Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.

    2. Assign the Certificate:

    In the Remote Desktop Session Host Configuration window, under Connections, RDP-Tcp was right-clicked, and Properties was selected. In the RDP-Tcp Properties window, the General tab was opened, and Select was clicked next to Certificate. The imported certificate was selected in the Select Certificate window and confirmed by clicking OK.

    3. Apply Changes:

    Changes were applied by clicking Apply in the RDP-Tcp Properties window.

    4. Restart Remote Desktop Services:

    Services was opened by pressing Win + R, typing services.msc, and pressing Enter. In the Services window, Remote Desktop Services was located, right-clicked, and Restart was selected. This ensured the new certificate was applied and used by Remote Desktop Services.

    With these steps completed, the RD Gateway was successfully configured with a trusted SSL certificate.

    2 people found this answer helpful.
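The convert, import and assign steps from Parts 4 to 6 above as one script, added here as an example and not taken from the original post. The file names are placeholders, the source keystore is assumed to be in JKS format, and the binding is set through the `Win32_TSGeneralSetting` WMI class instead of the configuration dialog; it runs on PowerShell 2.0.

```powershell
# Added example (PowerShell 2.0 compatible). Run elevated on the server.
# File names are placeholders; the directory is the one named in the answer above.
$keytool  = 'C:\Program Files\Java\bin\keytool.exe'
$keystore = 'C:\Program Files\Java\bin\server.keystore'   # placeholder name
$p12      = 'C:\Program Files\Java\bin\server.p12'        # placeholder name

# 1. Convert the Java keystore to PKCS#12 (assumes a JKS source store).
#    No passwords on the command line: keytool prompts for them.
& $keytool -importkeystore -srckeystore $keystore -srcstoretype JKS `
           -destkeystore $p12 -deststoretype PKCS12
if ($LASTEXITCODE -ne 0) { throw 'keytool conversion failed' }

# 2. Import into the computer's Personal store (LocalMachine\My).
#    certutil prompts for the PFX password.
$before = @(Get-ChildItem Cert:\LocalMachine\My | ForEach-Object { $_.Thumbprint })
certutil -importPFX $p12
if ($LASTEXITCODE -ne 0) { throw 'certutil import failed' }

# 3. Find the newly imported certificate that carries a private key
$new = @(Get-ChildItem Cert:\LocalMachine\My |
         Where-Object { ($before -notcontains $_.Thumbprint) -and $_.HasPrivateKey })
if ($new.Count -ne 1) {
    throw "Expected one new certificate with a private key, found $($new.Count)"
}
$thumb = $new[0].Thumbprint

# 4. Bind it to the RDP-Tcp listener
$ts = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
        -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
Set-WmiInstance -Path $ts.__PATH -Arguments @{ SSLCertificateSHA1Hash = $thumb } | Out-Null

# 5. Read the setting back, then remove the .p12 copy of the private key
$check = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
           -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
if ($check.SSLCertificateSHA1Hash -ne $thumb) {
    throw 'Listener is not using the new certificate'
}
Remove-Item $p12

# Restart step from the answer above; it disconnects active sessions.
# Restart-Service -Name TermService -Force
```

When the binding is set through WMI rather than the dialog, the NETWORK SERVICE account must be able to read the certificate's private key (All Tasks > Manage Private Keys in the Certificates snap-in).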