We help IT Professionals succeed at work.

Terminal Services - RDP Encryption

984 Views
Last Modified: 2013-11-21
We are working on encrypted RDP connections to our servers.

I have currently done the following.
1.) Installed CA on one of my Domain Controllers
http://www.petri.co.il/install_windows_server_2003_ca.htm
2.) Added the Hotfix for Vista, 7 and 2008 .asp pages to the CA.

Went to my test server which is running Server 2003 with Terminal Services in admin mode and did the following.
1.) Went to my CA server via http://server_name/certsrv
a.) Request a certificate
b.) advanced certificate request.
c.) Create and submit a request to this CA.
d.) The only thing I change here is the key size to at least 2048.
e.) Finish the submit and install the certificate.

2.) http://technet.microsoft.com/en-us/library/cc781085%28WS.10%29.aspx#BKMK_TSC
When I try to select the certificate to use on the general tab there are none in the list.

So my couple of issues are:
When I try to select the certificate to use on the general tab there are none in the list.  Also if I just hit ok here and try to get to the server from a machine that I did not add the CA cert to I can still RDP and I am not sure if it is encrypted or not.  I must be missing something here.

Comment
Watch Question

Cláudio RodriguesFounder and CEO
CERTIFIED EXPERT

Commented:
On the RDP-tcp listener you must select the proper encryption level you want (run TSCC.MSC on the TS to access RDP-tcp).
Also to which store was the certificate imported to? That may be the reason why you cannot see it.

Cláudio Rodrigues
Microsoft MVP - RDS
Citrix CTP

Author

Commented:
I selected Negotiate on the security Layer and High on the encryption level already>  I am not sure where that cert ended up.  I search up and down the certs MMC that I created and I can't find it.
Founder and CEO
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I am reading through your link I will get back to you tomorrow.

Author

Commented:
thanks very helpful
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.