Windows – Securing Remote Desktop Connections With SSL Certificate From a Trusted Certificate Authority

certificate, remote desktop, security, ssl, windows 7

Currently I'm using a desktop machine running Windows 7 Ultimate x64. I have also configured it to enable remote connections using MS Remote Desktop Services (RDS); however, since the machine issues its own self-signed security certificate, I get a warning every time I connect to this computer.

So my questions are:

  • Would it be more secure if I install an SSL certificate from a trusted CA such as GoDaddy, VeriSign, DigiCert, etc. rather than simply continuing to use a self-signed certificate?

Related to the previous question, reading http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication (specific to Windows Server 2003 including SP1), it says that the certificate should be computer based. So, I imagine when creating the Certificate Signing Request (CSR) the Common Name (CN) would be the hostname/computer name rather than a domain name.

  • Once I obtain the certificate, how would I install it on the Remote Desktop Protocol (RDP) server so that it is used to secure the remote connections?

This computer is a member of a workgroup.

Best Answer

The best that I could find is this: https://support.microsoft.com/en-us/kb/2001849

From the article: "Note: It is necessary to edit the registry directly because there is no user interface on Windows client SKUs to configure a server certificate."
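
The registry edit mentioned in the answer, as an added PowerShell example (not part of the original answer and not Microsoft's own script). It assumes the CA-issued certificate and its private key are already imported into the Local Computer "Personal" store; the thumbprint is a placeholder, and the key and value name are the ones used for the RDP-Tcp listener certificate.

```powershell
# Added example: bind a CA-issued certificate to the RDP listener on a client SKU.
# Assumes the certificate and its private key are already imported into the
# Local Computer "Personal" store. Run from an elevated PowerShell prompt.

# Placeholder: replace with the thumbprint of your own certificate.
$Thumbprint = '<YOUR-CERTIFICATE-THUMBPRINT>'

# Thumbprints pasted from the certificate dialog often carry spaces or an
# invisible leading character, so keep hex digits only.
$hex = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpper()
if ($hex.Length -ne 40) {
    throw "Expected a 40-hex-digit SHA-1 thumbprint, got $($hex.Length) digits."
}

# Fail early if the certificate cannot serve as an RDP server certificate.
$cert = Get-Item -Path "Cert:\LocalMachine\My\$hex" -ErrorAction Stop
if (-not $cert.HasPrivateKey) { throw 'No private key for this certificate in LocalMachine\My.' }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$eku = $cert.Extensions | Where-Object {
    $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
}
if ($eku -and -not ($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $serverAuthOid })) {
    throw 'Certificate EKU does not include Server Authentication.'
}

# Registry value read by the RDP-Tcp listener: the SHA-1 thumbprint as REG_BINARY.
$key   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$name  = 'SSLCertificateSHA1Hash'
$bytes = $cert.GetCertHash()
New-ItemProperty -Path $key -Name $name -PropertyType Binary -Value $bytes -Force | Out-Null

# Read the value back and confirm it matches the certificate.
$stored = (Get-ItemProperty -Path $key -Name $name).$name
$storedHex = ($stored | ForEach-Object { $_.ToString('X2') }) -join ''
if ($storedHex -ne $hex) { throw 'Registry value does not match the certificate thumbprint.' }
"RDP listener bound to: $($cert.Subject) (expires $($cert.NotAfter))"
```

Remote Desktop Services runs as NETWORK SERVICE, so that account also needs Read permission on the certificate's private key (Manage Private Keys in the Certificates MMC snap-in).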