[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


Why would Windows OS RDP thumbprint change?

Posted on 2014-08-15
Medium Priority
Last Modified: 2014-08-15
First, I am a Linux admin, so bare with me if I am using the wrong terminology.

We have a Windows 2008R2 server that I routinely have to remote into for some tasks.  I use freerdp from a Linux system to remote to the system.

Recently I received an error when trying to remote to the system that said the fingerprint has changed.  I had an admin log in and confirm that the thumbprint has indeed changed.  

My question is, what would make the thumbprint change?  We have had no reinstalls, no cert updates, etc...
Question by:savone
  • 2
  • 2
LVL 20

Expert Comment

by:Svet Paperov
ID: 40263364
RDP uses SSL to secure its connection. A self-signed RDP SSL certificate expires each 6 months. Windows remote users receive a warning each time a new self-signed RDP SSL certificate is generated and they can chose to accept it or to disconnect.

If you know a little bit about SSL certificates, you know that the fingerprint corresponds to the public key of such certificate.
LVL 23

Author Comment

ID: 40263651
Is there a way to extend the expiration date beyond 6 months?  And can we use a cert from a CA (verisign?) for RDP SSL connections?
LVL 20

Accepted Solution

Svet Paperov earned 2000 total points
ID: 40263754
Yes, if you purchase a SSL certificate from a public CA you won’t get any warnings about the fingerprint because the certificate chain will be trusted by your computer.

I found Verisign a little bit more expensive than DigiCert (my preferred), Comodo or GoDaddy. But it depends on your requirements.
LVL 23

Author Closing Comment

ID: 40263766

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question