asked on

Plugin ID 51192—SSL Certificate Cannot Be Trusted (PORT 3389) and Plugin ID 57582—SSL Self-Signed Certificate (PORT 3389)

Hi. We would like to try to get rid of this vulnerability result from Symantec Nessus:
Plugin ID 51192—SSL Certificate Cannot Be Trusted (PORT 3389) and Plugin ID 57582—SSL Self-Signed Certificate (PORT 3389)

Might there be a way to authorize the certificate so it won't show up in the scan?
we can't exclude it.
Plugin-ID-51192---SSL-Certificate-Ca.jpg
Plugin-ID-57582---SSL-Self-Signed-Ce.jpg

ASKER CERTIFIED SOLUTION

Joseph Hornsey

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

murkytuna

ASKER

This is on server 2008.

Could this be done through a GPO?

running windows 7 on vmware zero clients.

Joseph Hornsey

I'm not sure the SSL config has to be done on the clients, so I doubt a GPO would be necessary.

On the server, you configure RDP-Tcp to use SSL by selecting the certificate on the General tab of the RDP-Tcp properties in Remote Desktop Session Host Configuration.

Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration:

Right click on RDP-Tcp and go to Properties.

Give it a shot and let me know how it goes. Like I said, I'm curious about this - I've never done it myself.

murkytuna

ASKER

This will definitely fix it. Unfortunately we can't implement it yet.

Joseph Hornsey

LOL... yeah... those are the best situations: "This is a problem, but you can't fix it yet!"

murkytuna

ASKER

What would be a good solution for this on the workstation end as opposed to the server end?

Joseph Hornsey

What do you mean?

murkytuna

ASKER

on the windows 7 computer end, how could this be fixed on an individual machine?