Checklist: Configuring a Certificate for the Remote Desktop Gateway Server

Updated: March 2, 2011

Applies To: Windows Server 2008 R2

By default, Transport Layer Security (TLS) 1.0 is used to encrypt communications between Remote Desktop Services clients and RD Gateway servers over the Internet. For TLS to function correctly, you must install a Secure Sockets Layer-compatible X.509 certificate on the RD Gateway server.

You can obtain a certificate in one of the following ways:

  • You can generate and submit a certificate request to obtain a certificate from a stand-alone or an enterprise certification authority (CA).

  • You can purchase a certificate (or obtain one at no cost on a trial basis) from one of the trusted public CAs that participate in the Microsoft Root Certificate Program Members program [as listed in article 931125 in the Microsoft Knowledge Base (].

  • You can use the Add Roles Wizard to create a self-signed certificate when you install the RD Gateway role service, or you can use Remote Desktop Gateway Manager to do this after RD Gateway is installed.


We recommend that you use a self-signed certificate only for testing and evaluation purposes.

This checklist lists the tasks that you need to complete to successfully configure certificate requirements for the RD Gateway server and provides more information about the different methods that you can use to obtain a certificate. This checklist enables you to configure certificates for an RD Gateway server so that a remote user can access an internal corporate or private network resource over the Internet, by using the RD Gateway server.

Task Reference

Obtain a certificate for the RD Gateway server.

Obtaining a Certificate for the Remote Desktop Gateway Server

Create a self-signed certificate for the RD Gateway server.

Creating a Self-Signed Certificate for the Remote Desktop Gateway Server

Select an existing certificate for RD Gateway.

Selecting an Existing Certificate for Remote Desktop Gateway

Import a certificate into RD Gateway server.

Importing a Certificate into the Remote Desktop Gateway Server

View or modify certificate properties.

Viewing or Modifying Certificate Properties