我的 RDP 证书在哪里?

tag-icon tag-icon windows-10 remote-desktop
我的 RDP 证书在哪里?

我们收到了官方 SSL 证书,并将其安装在远程 Windows 2019 Server 上。但是当我尝试通过 RDP 连接到此远程服务器时,我收到警告,称证书无效。此外,到期日期也与官方证书中显示的日期不匹配。因此,我想知道我们在此警告中看到的是哪个证书。我尝试在 MMC 中搜索为所述远程计算机颁发的证书。但所有搜索结果都显示正确的官方证书。那么这个证书在哪里?

@spikey_richie 是的,我使用 mmc 将它安装到本地机器。

Specific steps : On the Remote Windows Server computer, click Start and type mmc.exe.
In the MMC window, go to File > Add/Remove Snap-in.
In the Add or Remove Snap-ins window, select Certificates and click Add.
In the Certificates snap-in window, select Computer account, click Next, select Local computer, and click Finish.
Click [+] next to Certificates > Personal > Certificates
Right click on Certificates and select All Tasks > Import
Click Next
Click Browse
Select the .cer, .crt, or .pfx you would like to import. Click Open.
Click Next
Select Automatically select the certificate store based on the type of certificate.
Click Finish & OK

I could see the new Certificates in the respective folders   E.g.  under Personal, Trusted root certification authorities and as well under Remote Desktop.    Also followed this workaround "[link] https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/remote-desktop-connection-rdp-certificate-warnings/ba-p/259301"  both the command were executed  `1. $path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path`
`2. Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="$Thumbprint"})   But the second command gives
)"Invalid Parameter"`

输出:

`C:\Users\Administrator> $path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path

C:\Users\Administrator> Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="0bedcc601d6f7XXXXX"}
Set-WmiInstance : Invalid parameter
At line:1 char:1
+ Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="0bedc ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Set-WmiInstance], ManagementException
+ FullyQualifiedErrorId : SetWMIManagementException,Microsoft.PowerShell.Commands.SetWmiInstance`

好的,进一步的问题是,

 *Does the certificate include the Remote Desktop Authentication policy?*

如何检查?

您是否尝试为服务器创建新的 RDP 配置文件?

没有。我该怎么做?这是一个独立系统,带有 Microsoft Windows Server 2019 Standard 操作系统。没有域控制器等。

相关内容