Prevent remote desktop from generating a self-signed certificate

Question

Prevent remote desktop from generating a self-signed certificate

Hello,

Does anyone know a way to prevent remote desktop from creating a self-signed certificate? I would like to avoid having to implement anything that will generate errors and I have a requirement to ensure there are no self-signed certificates. I have also already gotten RDP to use CA generated certificates as well.

Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,621 Reputation points Microsoft Vendor

2020-12-22T02:53:31.793+00:00

Hi,

Have you checked if the answer helps?

If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,621 Reputation points Microsoft Vendor

2020-12-22T02:53:31.793+00:00

Hi,

Have you checked if the answer helps?

If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

Answer 1

Hi,

After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.

Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"

Thanks,

Eleven

If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

Prevent remote desktop from generating a self-signed certificate

1 answer

Eleven

Activity