
TERMINAL SERVER WINDOWS 2012 R2 SECURITY ERROR CERTIFICATE KEYGEN

This article describes the methods to configure listener certificates on a Windows Server 2012-based or Windows Server 2012 R2-based server that is not part of a Remote Desktop Services (RDS) deployment.

Applies to: Windows Server 2012 R2
Original KB number: 3042780

About Remote Desktop server listener availability

The listener component runs on the Remote Desktop server and is responsible for listening to and accepting new Remote Desktop Protocol (RDP) client connections. This lets users establish new remote sessions on the Remote Desktop server. There is a listener for each Remote Desktop Services connection that exists on the Remote Desktop server. Connections can be created and configured by using the Remote Desktop Services Configuration tool.

Methods to configure listener certificate

In Windows Server 2003, Windows Server 2008, or Windows Server 2008 R2, the Remote Desktop Configuration Manager MMC snap-in gives you direct access to the RDP listener. In the snap-in, you can bind a certificate to the listener and, in turn, enforce SSL security for the RDP sessions.

In Windows Server 2012 or Windows Server 2012 R2, this MMC snap-in does not exist. Therefore, the system provides no direct access to the RDP listener. To configure the listener certificates in Windows Server 2012 or Windows Server 2012 R2, use the following methods.

Method 1: Use Windows Management Instrumentation (WMI) script

The configuration data for the RDS listener is stored in the Win32_TSGeneralSetting class in WMI under the Root\CimV2\TerminalServices namespace. The certificate for the RDS listener is referenced through the Thumbprint value of that certificate in the SSLCertificateSHA1Hash property. The thumbprint value is unique to each certificate.

Before you run the wmic commands, the certificate that you want to use must be imported to the Personal certificate store for the computer account. If you do not import the certificate, you will receive an Invalid Parameter error.

To configure a certificate by using WMI, follow these steps:

Open the properties dialog for your certificate and select the Details tab.

Scroll down to the Thumbprint field and copy the space-delimited hexadecimal string into something like Notepad. The following screenshot is an example of the certificate thumbprint in the Certificate properties: If you copy the string into Notepad, it should resemble the following screenshot:

After you remove the spaces in the string, it still contains the invisible ASCII character that is only visible at the command prompt. Make sure that this ASCII character is removed before you run the command to import the certificate.

There may be an invisible ASCII character that is also copied. The only way to validate is to copy directly into the Command Prompt window.

At command prompt, run the following wmic command together with the thumbprint value that you obtain in step 3:

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT"

The following screenshot is a successful example:

Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly.
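
The WMI procedure in Method 1 can also be scripted so that the hidden character in the copied thumbprint is stripped and checked before the listener is changed. The script below is an added example, not part of the original article; the parameter names and the default listener name RDP-Tcp are assumptions, and it must be run from an elevated PowerShell session.

```powershell
# Added example: bind a certificate to the RDP listener through WMI (Method 1).
# $RawThumbprint and $TerminalName are illustrative parameter names.
[CmdletBinding()]
param(
    [Parameter(Mandatory)] [string] $RawThumbprint,   # value pasted from the Thumbprint field
    [string] $TerminalName = 'RDP-Tcp'                # assumption: default listener name
)

# Keep only hexadecimal digits. This drops the spaces and any invisible
# character that came along with the copy from the certificate dialog.
$thumbprint = ($RawThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

# Show what was stripped (run with -Verbose) so a hidden character is visible.
$removed = $RawThumbprint.ToCharArray() | Where-Object { $_ -notmatch '[0-9A-Fa-f]' }
foreach ($c in $removed) { Write-Verbose ('Removed U+{0:X4}' -f [int]$c) }

# A SHA-1 thumbprint is 20 bytes, so exactly 40 hex digits must remain.
if ($thumbprint.Length -ne 40) {
    throw "Expected 40 hex digits after cleaning, got $($thumbprint.Length)."
}

# The certificate must already be in the computer's Personal store;
# otherwise the WMI update fails with an Invalid Parameter error.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Thumbprint -eq $thumbprint }
if (-not $cert) {
    throw "No certificate with thumbprint $thumbprint in Cert:\LocalMachine\My."
}

# Same namespace, class and property that the wmic command uses.
$query = @{
    Namespace = 'root\cimv2\TerminalServices'
    ClassName = 'Win32_TSGeneralSetting'
    Filter    = "TerminalName='$TerminalName'"
}
$listener = Get-CimInstance @query
if (-not $listener) { throw "Listener '$TerminalName' not found." }

Set-CimInstance -InputObject $listener -Property @{ SSLCertificateSHA1Hash = $thumbprint }

# Read the value back to confirm that the listener now references the certificate.
(Get-CimInstance @query).SSLCertificateSHA1Hash
```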
