Q:

So the release of Windows Server 2012 has removed a lot of the old Remote Desktop related configuration utilities. In particular, there is no more Remote Desktop Session Host Configuration utility that gave you access to the RDP-Tcp properties dialog that let you configure a custom certificate for the RDSH to use. In its place is a nice new consolidated GUI that is part of the overall "edit deployment properties" workflow in the new Server Manager. The catch is that you only get access to that workflow if you have the Remote Desktop Services role installed (as far as I can tell).

This seems like a bit of an oversight on Microsoft's part. How can we configure a custom SSL certificate for RDP on Windows Server 2012 when it's running in the default Remote Administration mode without needlessly installing the Remote Desktop Services role?

Important: you need open a CMD by "Run as administrator" then perform the wmic command.

A:

38 down vote accepted

It turns out that much of the configuration data for RDSH is stored in the Win32_TSGeneralSetting class in WMI in the root\cimv2\TerminalServices namespace. The configured certificate for a given connection is referenced by the Thumbprint value of that certificate on a property called SSLCertificateSHA1Hash.

In order to get the thumbprint value

  1. Open the properties dialog for your certificate and select the Details tab
  2. Scroll down to the Thumbprint field and copy the space delimited hex string into something like Notepad
  3. Remove all the spaces from the string. You'll also want to watch out for and remove a non-ascii character that sometimes gets copied just before the first character in the string. It's not visible in Notepad.
  4. This is the value you need to set in WMI. It should look something like this: 1ea1fd5b25b8c327be2c4e4852263efdb4d16af4.

Now that you have the thumbprint value, here's a one-liner you can use to set the value using wmic:

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT"

Or if PowerShell is your thing, you can use this instead:

$path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path
Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="THUMBPRINT"}

It occurs to me that this solution would probably work on Windows 8 systems as well. I haven't played with it much myself yet though.

Note: the certificate must be in the 'Personal' Certificate Store for the Computer account.

Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode的更多相关文章

  1. Mac上远程桌面连接Windows Server 2012 R2

    在将一台服务器的操作系统由Windows Server 2012升级为Windows Server 2012 R2之后,在Mac电脑上用微软的远程桌面软件怎么也连不上服务器,错误信息如下: Remot ...

  2. 怎么取消 Windows Server 2012 r2 RDP 限制每个用户只能进行一个会话(转)

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  3. 怎么取消 Windows Server 2012 RDP 限制每个用户只能进行一个会话

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  4. Installing IIS 8.5 on Windows Server 2012 R2

    原文 Installing IIS 8.5 on Windows Server 2012 R2 Introduction This document describes how to install ...

  5. [转]Installing SharePoint 2013 on Windows Server 2012 R2

    转自:http://www.avivroth.com/2013/07/09/installing-sharepoint-2013-on-windows-server-2012-r2-preview/ ...

  6. Windows Server 2012重复数据删除技术体验

    在企业环境中,对磁盘空间的需求是惊人的.数据备份.文件服务器.软件镜像.虚拟磁盘等都需要占据大量的空间.对此,微软在Windows Server 2012中引入了重复数据删除技术.重复数据删除技术通过 ...

  7. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    原文地址:http://www.osyunwei.com/archives/7378.html 搬运是为了自己找资料方便. 准备篇 一.环境说明: 操作系统:Windows Server 2012 R ...

  8. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    准备篇 一.环境说明: 操作系统:Windows Server 2012 R2 PHP版本:php 5.5.8 MySQL版本:MySQL5.6.15 二.相关软件下载: 1.PHP下载地址: htt ...

  9. Windows Server 2012 R2 设置 smtp 服务器

    Windows Server 2012/2012 R2:安装和配置 SMTP 服务器 安装 SMTP 服务器 以下是安装 SMTP 服务器功能的步骤: 打开“服务器管理器”:单击键盘上的 Window ...

随机推荐

  1. Markdown 语法说明 (简体中文版)

    http://wowubuntu.com/markdown/#editor 概述 宗旨 兼容 HTML 特殊字符自动转换 区块元素 段落和换行 标题 区块引用 列表 代码区块 分隔线 区段元素 链接 ...

  2. iis 管理员执行 aspnet_iis.exe

    如果我们在注册iis的时候,出现上图的问题,我们需要在桌面上新建一个快捷方式 然后在目标处添上我们的命令. 比如:C:\Windows\Microsoft.NET\Framework\v4.0.303 ...

  3. dll清理

    結束了閉關,又得與人類交流了,只好裝QQ 印象中企鵝手腳一向是BAT中最乾淨的-結果還是裝了不少樂色,一併挖出來除之   C:\program files\common files\tencent\q ...

  4. ZOJ 1092 Arbitrage

    原题链接 题目大意:Arbitrage这个单词的解释是“套利交易”,就是利用几个币种之间的汇率差价来赚钱.比如人民币兑美元6:1,美元兑欧元1.5:1,欧元兑人民币10:1,那么用9元人民币可以换1. ...

  5. Spring MVC+Maven+Freemarker+Mybatis开发环境搭建

    版权声明:本文为博主原创文章,未经博主允许不得转载.   目录(?)[-] 创建一个Spring MVC项目 集成Freemarker 集成Mybatis Mybatis自动生成工具   利用STS( ...

  6. sgu259 Printed PR    贪心

    link:http://acm.sgu.ru/problem.php?contest=0&problem=259 思路就是贪心. 首先要读懂题目,输入的方式,把样例读懂. 第一,打印的总时间一 ...

  7. JS初学之-for套for遍历二维数组

    <!doctype html><html><head><meta charset="utf-8"><title>无标题文 ...

  8. linux权限管理_ACL权限

    一.什么是ACL权限 ACL是Access Control List(访问控制列表)的缩写,主要的目的是在提供传统的owner,group,others的read,write,execute权限之外的 ...

  9. CodeForces 558A

    Description Amr lives in Lala Land. Lala Land is a very beautiful country that is located on a coord ...

  10. ARM的工作模式和寄存器

    以前学的时候学的是S3C6410的开发板,它是三星公司推出的基于ARM v6架构(指令集),处理器是ARM11. ARM架构是构建每个ARM处理器的基础. 目前最新的是ARM v8架构:http:// ...