Q:

So the release of Windows Server 2012 has removed a lot of the old Remote Desktop related configuration utilities. In particular, there is no more Remote Desktop Session Host Configuration utility that gave you access to the RDP-Tcp properties dialog that let you configure a custom certificate for the RDSH to use. In its place is a nice new consolidated GUI that is part of the overall "edit deployment properties" workflow in the new Server Manager. The catch is that you only get access to that workflow if you have the Remote Desktop Services role installed (as far as I can tell).

This seems like a bit of an oversight on Microsoft's part. How can we configure a custom SSL certificate for RDP on Windows Server 2012 when it's running in the default Remote Administration mode without needlessly installing the Remote Desktop Services role?

Important: you need open a CMD by "Run as administrator" then perform the wmic command.

A:

38 down vote accepted

It turns out that much of the configuration data for RDSH is stored in the Win32_TSGeneralSetting class in WMI in the root\cimv2\TerminalServices namespace. The configured certificate for a given connection is referenced by the Thumbprint value of that certificate on a property called SSLCertificateSHA1Hash.

In order to get the thumbprint value

  1. Open the properties dialog for your certificate and select the Details tab
  2. Scroll down to the Thumbprint field and copy the space delimited hex string into something like Notepad
  3. Remove all the spaces from the string. You'll also want to watch out for and remove a non-ascii character that sometimes gets copied just before the first character in the string. It's not visible in Notepad.
  4. This is the value you need to set in WMI. It should look something like this: 1ea1fd5b25b8c327be2c4e4852263efdb4d16af4.

Now that you have the thumbprint value, here's a one-liner you can use to set the value using wmic:

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT"

Or if PowerShell is your thing, you can use this instead:

$path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path

Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="THUMBPRINT"}

It occurs to me that this solution would probably work on Windows 8 systems as well. I haven't played with it much myself yet though.

Note: the certificate must be in the 'Personal' Certificate Store for the Computer account.

Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode的更多相关文章

  1. Mac上远程桌面连接Windows Server 2012 R2

    在将一台服务器的操作系统由Windows Server 2012升级为Windows Server 2012 R2之后,在Mac电脑上用微软的远程桌面软件怎么也连不上服务器,错误信息如下: Remot ...

  2. 怎么取消 Windows Server 2012 r2 RDP 限制每个用户只能进行一个会话(转)

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  3. 怎么取消 Windows Server 2012 RDP 限制每个用户只能进行一个会话

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  4. Installing IIS 8.5 on Windows Server 2012 R2

    原文 Installing IIS 8.5 on Windows Server 2012 R2 Introduction This document describes how to install ...

  5. [转]Installing SharePoint 2013 on Windows Server 2012 R2

    转自:http://www.avivroth.com/2013/07/09/installing-sharepoint-2013-on-windows-server-2012-r2-preview/ ...

  6. Windows Server 2012重复数据删除技术体验

    在企业环境中,对磁盘空间的需求是惊人的.数据备份.文件服务器.软件镜像.虚拟磁盘等都需要占据大量的空间.对此,微软在Windows Server 2012中引入了重复数据删除技术.重复数据删除技术通过 ...

  7. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    原文地址:http://www.osyunwei.com/archives/7378.html 搬运是为了自己找资料方便. 准备篇 一.环境说明: 操作系统:Windows Server 2012 R ...

  8. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    准备篇 一.环境说明: 操作系统:Windows Server 2012 R2 PHP版本:php 5.5.8 MySQL版本:MySQL5.6.15 二.相关软件下载: 1.PHP下载地址: htt ...

  9. Windows Server 2012 R2 设置 smtp 服务器

    Windows Server 2012/2012 R2:安装和配置 SMTP 服务器 安装 SMTP 服务器 以下是安装 SMTP 服务器功能的步骤: 打开“服务器管理器”:单击键盘上的 Window ...

随机推荐

  1. Guava 的学习

    https://zhuanlan.zhihu.com/p/20637960 java.util jooq guavanettyminajodadubbobatchlucenceactivitiquar ...

  2. Python TF-IDF计算100份文档关键词权重

    上一篇博文中,我们使用结巴分词对文档进行分词处理,但分词所得结果并不是每个词语都是有意义的(即该词对文档的内容贡献少),那么如何来判断词语对文档的重要度呢,这里介绍一种方法:TF-IDF. 一,TF- ...

  3. HDU 5692 线段树+dfs序

    Snacks Time Limit: 10000/5000 MS (Java/Others)    Memory Limit: 65536/65536 K (Java/Others)Total Sub ...

  4. gulp 制作雪碧图

    雪碧图:sprite 是把多张图片拼到一张图中,提升性能的一种做法.把合并的图片一次性加载到内存中,需要时只渲染一部分. 我们选择gulp.spritesmith插件. 使用gulp时首先要在指定的任 ...

  5. viewpager中对fragment的操作

    XXAdatper xxAdapter = (XXAdatper)viewpager.getAdapter(); XXFragment  xxFragment= (XXFragment )adapte ...

  6. session处理超时的三种方式

    1.      在web容器中设置(此处以tomcat为例) 在tomcat-5.0.28\conf\web.xml中设置,以下是tomcat 5.0中的默认配置: <!-- ========= ...

  7. SVN代码提交冲突解决方案

    SVN代码提交冲突解决方案 1.若你的代码被其他人修改并提交过了,期间你自己也修改过该文件,UPDATE的时候自己代码被覆盖. 右键——>显示日志 查看该文件的更新记录 找到需恢复的版本 右键— ...

  8. CoderForces 280B(记忆化搜索)

    题目大意:一个纸牌游戏,52张纸牌排成一列,每张纸牌有面值和花色两种属性.每次操作可以用最后一张纸牌将倒数第二张或者倒数第四张替换,但前提是两张牌的花色或者面值相同.问最终能否只剩一张牌. 题目分析: ...

  9. hdu1285 拓扑序

    题意:有N个比赛队(1<=N<=500),编号依次为1,2,3,....,N进行比赛,比赛结束后,裁判委员会要将所有参赛队伍从前往后依次排名,但现在裁判委员会不能直接获得每个队的比赛成绩, ...

  10. Java——jdk1.5新特性

     /* * 可变参数:--一个方法的参数个数不固定. * 特点: *  只能出现在参数列表的最后. *  调用可变参数的方法时,编译器为该可变参数隐含创建一个数组,在方法体中以数组的形式访问可变参 ...