Windows Server 2008 R2 Remote desktop services (RDS) & Certificates

Question

We are using Server 2008 R2 as RDS server and clients use RDC client to access the server remotely. I want to know how can I assign self-signed server certificate to the clients so that they have to install the cerifitcate on their computer before accessing the server.

Thank you in advance for any replies, Hemal

are you looking to use client certificates for authentication? I'm not positive, but from my Googling around for this a few months ago, it looks like you can setup server certificates to guarantee the authenticity of the remote host to the client (and enable encryption), but I couldn't find anything that resembled client certificate authentication i.e. each RDP client would require a valid client certificate signed by a CA on the domain. If I'm wrong, please let me know, because I'd love to setup two-factor RDP authentication with certificates and domain logon. — gravyface, Jun 16 '11 at 15:49
Hi Gravyface, Thank you for the reply. And sorry for the delay to acknowledge it. Have you ever setup the rdp authenticagtion with certificate and logon? — Hemal, Nov 21 '11 at 16:28

Tatas · Answer 1 · 2011-06-16T15:44:16.813

0

Are these systems joined to an Active Directory? If so, you could utilize the PKI that comes with it. Take a look at this technet post, it should help.

edited Jun 16 '11 at 15:44

answered Jun 14 '11 at 20:51

Tatas

2,091
1
13
19

Yes. My Domain controller is Server 2003R2 SP2. – Hemal Jun 14 '11 at 21:04
Updated my original post. – Tatas Jun 16 '11 at 15:43

score 0 · Accepted Answer · answered Jun 14 '11 at 21:04

I believe you need to install the Internet Information Services Manager (IIS) through Server Manager (add under Roles). You also need to install the Active Directory Certificate Services roll. The rest I found on Technet.

To create a self-signed certificate

You can perform this procedure by using the user interface (UI).

User Interface To use the UI Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI, see Navigation in IIS Manager (IIS 7).

In Features view, double-click Server Certificates.

In the Actions pane, click Create Self-Signed Certificate.

On the Create Self-Signed Certificate page, type a friendly name for the certificate in the Specify a friendly name for the certificate box, and then click OK.

http://technet.microsoft.com/en-us/library/cc753127(WS.10).aspx

Hi Funran, Thank you for reply and sorry for delay..I will try this out now... — Hemal, Nov 21 '11 at 16:29

Windows Server 2008 R2 Remote desktop services (RDS) & Certificates

2 Answers2