Creating a Self-Signed Certificate for the Remote Desktop Gateway Server
Updated: March 2, 2011
Applies To: Windows Server 2008 R2
This procedure describes how to use Remote Desktop Gateway Manager to create a self-signed certificate, if you did not already create one by using the Add Roles Wizard when you installed the Remote Desktop Gateway role service.
Important
We recommend that you use self-signed certificates only for testing and evaluation purposes.
Membership in the local Administrators group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).
To create a self-signed certificate for the Remote Desktop Gateway server
On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Gateway Manager.
In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, which is named for the computer on which the RD Gateway server is running, and then click Properties.
In the results pane, under Configuration Status, click View or modify certificate properties.
On the SSL Certificate tab, click Create a self-signed certificate, and then click Create and Import Certificate.
In the Create Self-Signed Certificate dialog box, do the following:
In the Certificate name box, verify that the correct fully qualified domain name (FQDN) is specified for the self-signed certificate, or specify a new name. The FQDN must match the DNS name that the client uses to connect to the RD Gateway server, unless you are using wildcard certificates or the SAN attributes of certificates.
To store the root certificate in a specified location so that you can manually distribute the root certificate to clients, verify that the Store the root certificate check box is selected, and then specify where to store the certificate. By default, this check box is selected and the certificate is stored under the %Windir%\Users\<Username>\Documents folder.
Click OK.
If you selected the Store the root certificate check box and specified a location for the certificate, a message will appear stating that RD Gateway has successfully created the self-signed certificate, and confirming the location of the stored certificate. Click OK to close the message.
Click OK again to close the RD Gateway server Properties dialog box.