Prevent remote desktop from generating a self-signed certificate

Mark Thompson 6 Reputation points
2020-12-18T19:36:07.217+00:00

Hello,

Does anyone know a way to prevent remote desktop from creating a self-signed certificate? I would like to avoid having to implement anything that will generate errors and I have a requirement to ensure there are no self-signed certificates. I have also already gotten RDP to use CA generated certificates as well.

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,499 questions
{count} vote

2 answers

Sort by: Most helpful
  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,746 Reputation points Microsoft Vendor
    2020-12-21T03:10:29.07+00:00

    Hi,

    After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.

    Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"

    Thanks,

    Eleven

    If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.


  2. Vijay Kumar 0 Reputation points
    2023-04-11T15:35:02.36+00:00

    Has anyone found the solution to this?

    I've configured the GPO to automatically enroll the RDP certificate. Now I need to get rid of the self signed certificate that is getting installed automatically.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.