##Custom SSL Certificate for Windows RDP Service
Requirements
- Windows 8+ or Server 2012+
- Certificate with private key (*.p12)
- Intermediate CA certificate (*.cer)
- Administrative rights to modify the certificate store
If you're in Windows Server 2012 R2, use Microsoft's Easy Fix.
###Install the intermediate certificate
- Install your intermediate certificates by double clicking your *.cer file, store it in Local Machine.
- When prompted to select a store, store it in Intermediate Certification Authorities.
###Install the local certificate
- Install your intermediate certificates by double clicking your *.p12 file, store it in Local Machine.
- When prompted to select a store, store it in Personal.
- Open
mmc.exe
, add the Certificates snap-in. When prompted, select Computer account. - Go to Personal, right click your certificate and select All Tasks > Manage Private Keys.
- Add Network Service so the RDP service can read your private key.
- Double click your certificate. Go to the Details tab, select Thumbprint from the dropdown menu and copy the values, we'll need them next.
###Configure RDP Service to use new certificate
- Edit
rdp_cert.reg
- Change the values after
hex:
to match your thumbprint. You can use the replace function to replace spaces with commas. - Double click
rdp_cert.reg
to apply it - Restart Terminal Services service or reboot the computer.
Done.