Hope you like it..

There is no certificates installed on this remote desktop server

May 25, 2015 at 2:27 pm Leave a comment

On the RD  Session Host Configuration when you tried to assign the SSL certificate which you obtained from any vendor you will receive the message in the title.

This is because the SSL certificate need to be imported on .PFX format , In my case the cert i downloaded from GoDaddy was having a .crt extension. Therefore I opened the Certificate-Snapin(Local Computer) and  selected the already imported certificate in the Personal container,then I  tried to export the certificate as  Personal Information Exchange(.pfx)so I could re-import it correctly But I was not able to do so as it was showing the below screen,

As you see the Personal Information Exchange option is disabled as this is because the SSL certificate does not have the private key.

In order to overcome this get the serial number of the certificate(Open  the ssl certificate by double clicking on it and open the details TAB) then on a command prompt entere the below command;

certutil -repairstore my “SerialNumber”

That’s it now you could the export the cert as .pfx and re-import it on Personal and Remote Desktop containers in Certificate Snap-in.

Finally you could select the SSL on RD Session Host configuration.

Source:

http://scexblog.blogspot.com/2010/09/export-personal-information-exchange.html

Update1:

In 2012 and above MS have removed the RDP Snap-in to change the SSL Certificate thus you need to follow the steps mentioned in MS KB Article:https://support.microsoft.com/en-us/help/3042780/remote-desktop-listener-certificate-configurations-in-windows-server-2

Entry filed under: Windows 2012. Tags: 2012 rdp ssl, how to convert .crt to .pfx.