question

MarkThompson-9184 avatar image
0 Votes"
MarkThompson-9184 asked ElevenYu-MSFT commented

Prevent remote desktop from generating a self-signed certificate

Hello,

Does anyone know a way to prevent remote desktop from creating a self-signed certificate? I would like to avoid having to implement anything that will generate errors and I have a requirement to ensure there are no self-signed certificates. I have also already gotten RDP to use CA generated certificates as well.

remote-desktop-services
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

Have you checked if the answer helps?

If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

0 Votes 0 ·

1 Answer

ElevenYu-MSFT avatar image
0 Votes"
ElevenYu-MSFT answered

Hi,

After research, I found below setting can prevent the self-signed certificate generation. But it will generate 1057 error in your system event log. If you do not mind this, you can have a try.

Open Regisrtry Editor > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations > set the value of "SelfSignedCertStore" to "NUL"

Thanks,
Eleven


If the Answer is helpful, please click "Accept Answer" and upvote it. Thanks.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.