1

We received a digitally signed RDP file from a service provider to use for connecting to their infrastructure.

When I double clicked the file, it showed me a dialog which said something like "Do you trust the publisher of this remote connection?". There was check box at the bottom that read something like "Don't ask again for this publisher".

I clicked on the check box without thinking and connected. Unfortunately now when I double-click the file, it connects without first prompting/warning me.

I'd like to remove this publisher from the list so that I will be prompted before connecting to the remote server.

Any thoughts on where this might be stored or how to clear this?

I'm connecting from a Windows 7 machine.

Naraen
  • 133
  • 1
  • 4

1 Answers1

9

HKCU\Software\Microsoft\Terminal Server Client\PublisherBypassList holds the hashes of the issuer certificates which are no longer to raise a prompt according to this blog post and my observations.

Finding the "right one" might be troublesome as you don't have the certificates in your store and cannot identify it by just doing a matching. But you could just rename the entire PublisherBypassList key, re-run the connection file, click on "do not ask again" thus having the hash re-entered in the freshly re-created PublisherBypassList. Then you can match the new entry against the list of present entries in your renamed key, delete the one you want to and rename the key back to PublisherBypassList.

the-wabbit
  • 40,319
  • 13
  • 105
  • 169