Prevent remote desktop from generating a self-signed certificate

Mark Thompson 6 Reputation points
2020-12-18T19:36:07.217+00:00

Hello,

Does anyone know a way to prevent remote desktop from creating a self-signed certificate? I would like to avoid having to implement anything that will generate errors and I have a requirement to ensure there are no self-signed certificates. I have also already gotten RDP to use CA generated certificates as well.

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
3,818 questions
{count} vote

2 answers

Sort by: Most helpful
  1. Eleven Yu (Shanghai Wicresoft Co,.Ltd.) 10,686 Reputation points Microsoft Vendor
    2020-12-21T03:10:29.07+00:00

    Hi,

    After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.

    Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"

    Thanks,

    Eleven

    If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.


  2. Vijay Kumar 0 Reputation points
    2023-04-11T15:35:02.36+00:00

    Has anyone found the solution to this?

    I've configured the GPO to automatically enroll the RDP certificate. Now I need to get rid of the self signed certificate that is getting installed automatically.

    0 comments No comments