Prevent remote desktop from generating a self-signed certificate

Mark Thompson 6 Reputation points


Does anyone know a way to prevent remote desktop from creating a self-signed certificate? I would like to avoid having to implement anything that will generate errors and I have a requirement to ensure there are no self-signed certificates. I have also already gotten RDP to use CA generated certificates as well.

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
3,818 questions
{count} vote

2 answers

Sort by: Most helpful
  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,686 Reputation points Microsoft Vendor


    After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.

    Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"



    If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

  2. Vijay Kumar 0 Reputation points

    Has anyone found the solution to this?

    I've configured the GPO to automatically enroll the RDP certificate. Now I need to get rid of the self signed certificate that is getting installed automatically.

    0 comments No comments