Solved

Windows 2008 R2 Certificate for Remote Desktop Expiring, how to handle this?

Posted on 2014-11-04
5
369 Views
Last Modified: 2014-11-04
On Windows Server 2008 R2 I was reviewing my certificates and I noticed that the remote desktop certificate is expiring soon.  It is a non trusted certificate according to the mmc.  I never had to renew anything in regards to this on Windows 2003.  Need to know if I have to renew this or replace it and how so that I can still remote into this server after this expires.  Or maybe there is no impact. Can someone please help me with this.  Thanks.
0
Comment
Question by:kdschool
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 9

Expert Comment

by:bas2754
ID: 40421552
Answer from here: https://social.technet.microsoft.com/Forums/windowsserver/en-US/1b528a7b-882a-4dc0-bb63-e36968cc284d/selfsigned-certificate-for-remote-desktop-expired?forum=winserverTS

"Turns out restarting the Remote Desktop Configuration service will renew the certificate if it is expired. I did not have to delete it first however I did test on another server by deleting it then restarting the service. It still properly created the certificate. Doing so generates an event log message:"
0
 

Author Comment

by:kdschool
ID: 40421718
So I think he is saying that if I just restart the remote desktop service AFTER it expires that would fix this.  Is that what you think will work.  I tried it wihtout it actually expiring and no change to the certificate occured??
0
 
LVL 9

Accepted Solution

by:
bas2754 earned 500 total points
ID: 40421858
In one case we deleted the soon to expire certificate from the Certificate Management Console -> Computer Account and then restarted the service and a new certificate was created.  So you can manually delete the certificate and restart and it will create a new one as well.

It will not create a new certificate until the one that is there is either deleted or expired.
0
 

Author Comment

by:kdschool
ID: 40422396
Well that did work. I deleted it and it recreated it but it gave me the same time lenght.  I guess I will have to do this again when it expires. This information was a great help. Thank you.
0
 

Author Closing Comment

by:kdschool
ID: 40422397
Excellent Answer.
0

Featured Post

Get Actionable Data from Your Monitoring Solution

Your communication platform is only as good as the relevance of the information you send. Ensure your alerts get to the right people every time with actionable responses. Create escalation rules that ensure everyone follows the process and nothing is left to chance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question