Share via

Add Letsencrypt SSL certificate to RDP to make connection secure in Windows Server 2022

Anonymous
2023-11-28T01:22:55+00:00

Hi

I have searched everywhere for the solution to this for Server 2022 and the newest version I can find is Server 2019 instructions. Based on how many differences I have found I 2022 from my experiences with 2016 I am not game to try the instructions for Server 2019 just in case. Can anybody give me instructions to add a certificate for RDP on Server 2022?

The whole point behind my request is so I can sign off on the two final security metrics that I have been required to meet:

I assume the OpenSSH will also be OK after the RDP connection has a proper (not self-signed) certificate? Or will OpenSSH need to be updated / patched? If so, would anyone know where to find info on that?

Sorry for all the questions, but I have been on this for weeks and time is running out, so your help is greatly appreciated!

Windows for business Windows Server Networking Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

9 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-11-28T07:53:06+00:00

    Hello,

    I apologize, but I couldn't locate any official documentation regarding the deployment of certificates on Server 2022. However, from my personal experience, if your server has an RDCB role, you can deploy the certificate by accessing collection properties.

    Image

    On the remote session host, the SSL certificate can be imported using the console.

    Image

    Following that, you can configure RDP to utilize the SSL certificate by applying the settings specified in the two group policies outlined in the attached screenshot.

    Image

    I hope the information provided above may be of assistance.

    Regards,

    Karlie

    0 comments
  2. Anonymous
    2023-11-30T03:57:26+00:00

    Hi Karlie

    Thank you for your reply. The server does not have Remote Desktop Services enabled as I have been warned about losing the 2 free seats if I install it. As I am only using one server and log in I thought it wouldn't be necessary. Is there any way to do this without an RDCB role? If not, could you give me an indication as to what the fee is once I install Remote Desktop Services?

    0 comments
  3. Anonymous
    2023-11-30T07:42:06+00:00

    Hello!

    Is there any way to do this without an RDCB role?

    If you do not possess the full set of RDS roles, simply refer to the second and third screenshots, and proceed with installing the certificate directly on the RDP server.

    You may also refer to Securing RDP Connections with Trusted SSL/TLS Certificates

    If not, could you give me an indication as to what the fee is once I install Remote Desktop Services?

    The fee for installing RDS can vary depending on several factors, including the licensing model (including User CALs and Device CALs), and the number of users or devices accessing the remote desktop environment.

    Kind regards,

    Karlie

    0 comments
  4. Anonymous
    2023-12-01T00:39:54+00:00

    Sorry Karlie, the initial instructional reply read like a continual process to me. I will revisit the 2nd and 3rd parts now. Thanks for your reply.

    0 comments
  5. Anonymous
    2023-12-01T01:00:14+00:00

    Ok, now I remember the problem, I do not have any options to add snap-ins in MMC. Why is it missing?

    0 comments