Currently I'm using a desktop machine running Windows 7 Ultimate x64. Also have configured it to enable remote connections using MS Remote Desktop Services (RDS); however, since the machine issues its own self-signed security certificate I get a warning every time I connect to this computer.
So my questions are:
- Would it be more secure if I install a SSL certificate from a trusted CA such as GoDaddy, VeriSign, DigiCert, etc rather than simply continuing using a self-signed certificate?
Related to the previous question, reading http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication (specific to Windows Server 2003 including SP1), it says that the certificate should be computer based. So, I imagine when creating the Certificate Signing Request (CSR) the Common Name (CN) would the hostname/computer name rather than a domain name.
- Once I obtain the certificate, how would I install it on the Remote Desktop Protocol (RDP) server so that it is used to secure the remote connections?
This computer is a member of a workgroup.
Best Answer
The best that I could find is this: https://support.microsoft.com/en-us/kb/2001849
From the article:
Note: It is necessary to edit the registry directly because there is no user interface on Windows client SKUs to configure a server certificate.