5.3.3.1 Proprietary Certificates

Proprietary Certificates are used exclusively by servers that have not received an X.509 certificate from a Domain or Enterprise License Server. Every server creates a public/private key pair and then generates and stores a Proprietary Certificate containing the public key at least once at system start-up time. The certificate is only generated when one does not already exist.

The server sends the Proprietary Certificate to the client in the Server Security Data (section 2.2.1.4.3) during the Basic Settings Exchange phase of the RDP Connection Sequence (section 1.3.1.1). The Proprietary Certificate structure is detailed in section 2.2.1.4.3.1.1.