Category: General

Replace the self-signed Remote Destkop Certificate with an e.g. PKI Certficate from your internal CA

Copy the Thumbprint of the Certificate you want to use for the RDP Connection and copy it to the $Hash variable. $TSGeneralSetting = Get-WmiObject “Win32_TSGeneralSetting” -ComputerName “<Server Name>” -Namespace root\cimv2\terminalservices -Filter “TerminalName=’RDP-tcp'” $Hash = “<hash of new certificate>” $TSGeneralSetting.SSLCertificateSHA1Hash = $Hash $TSGeneralSetting.put() Or via command…