Configure wildcard (*.domain.com) on Terminal Server 2003


Kirstin Koch

Guest
I have a Windows Server 2003 R2 Terminal Server that I want to use with my
wildcard certificate (*.domain.com) that was purchased through Comodo. The
certificate request was originally completed through IIS 6.0 on my Exchange
Server 2003 SP2, where I checked the option to use the Microsoft
RSA/SChannel Cryptographic Service Provider (CSP).

After receiving the certificate from Comodo, I exported the private key to a
PKCS#12 file and included all certificates. Then I imported this PFX file
into the Terminal Server's Personal certificate store under the Computer
Account.

Yet, when I attempt to select this certificate in the properties of the
RDP-Tcp connection in Terminal Services Configuration, no certificates are
displayed after clicking on the Edit button.

I've had a difficult time trying to find any definitive How-To instructions
on the web for securing Terminal Server 2003 with SSL. Can anyone tell me
what I missed or point me in the right direction?

Thanks for your time.

--------------------------
Kirstin Koch
 
Re: Configure wildcard (*.domain.com) on Terminal Server 2003

The certificate must meet the following criteria
Certificate is a computer certificate
Certificate is for server authentication
Certificate must have a private key
Certificate is stored in the TS personal store
Certificate has a Cryptographic Service Provider that can be used for
TLS/SSL

The client computer must also meet some criteria
Must run Windows 2000, Windows XP, Windows 2003 or Windows Vista
Must use RDP Client 5.2 or higher, this can be found on the 2003 SP1
server under %systemroot%\system32\clients\tsclient\win32\msrdpcli.msi
Must trust the root CA for the certificate

Check following link for more info
http://technet2.microsoft.com/windo...f53d-4e86-ac9b-29fd6146977b1033.mspx?mfr=true

Ratnesh

"Kirstin Koch" <Kirstin@pcs-sf.com> wrote in message
news:utyR86OlIHA.5396@TK2MSFTNGP06.phx.gbl...
>I have a Windows Server 2003 R2 Terminal Server that I want to use with my
>wildcard certificate (*.domain.com) that was purchased through Comodo. The
>certificate request was originally completed through IIS 6.0 on my Exchange
>Server 2003 SP2, where I checked the option to use the Microsoft
>RSA/SChannel Cryptographic Service Provider (CSP).
>
> After receiving the certificate from Comodo, I exported the private key to
> a PKCS#12 file and included all certificates. Then I imported this PFX
> file into the Terminal Server's Personal certificate store under the
> Computer Account.
>
> Yet, when I attempt to select this certificate in the properties of the
> RDP-Tcp connection in Terminal Services Configuration, no certificates are
> displayed after clicking on the Edit button.
>
> I've had a difficult time trying to find any definitive How-To
> instructions on the web for securing Terminal Server 2003 with SSL. Can
> anyone tell me what I missed or point me in the right direction?
>
> Thanks for your time.
>
> --------------------------
> Kirstin Koch
>
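
The server-side criteria listed in the reply above can be checked per certificate with a short script. This is an added example, not code from either poster; it assumes PowerShell 2.0 or later is installed on the Terminal Server, and it treats CSP provider type 12 (PROV_RSA_SCHANNEL, the type of the Microsoft RSA SChannel provider) as the test for "can be used for TLS/SSL".

```powershell
# Added example: checks Cert:\LocalMachine\My against the criteria in the reply.
# Assumes PowerShell 2.0 or later is installed on the server.
$serverAuthOid   = '1.3.6.1.5.5.7.3.1'  # Server Authentication EKU
$provRsaSchannel = 12                   # PROV_RSA_SCHANNEL provider type (assumed test)
$ekuType = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]

Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_

    # No EKU extension means the certificate is not limited to specific purposes.
    $eku = $cert.Extensions | Where-Object { $_ -is $ekuType }
    if ($eku) {
        $serverAuth = @($eku.EnhancedKeyUsages |
            Where-Object { $_.Value -eq $serverAuthOid }).Count -gt 0
    } else {
        $serverAuth = $true
    }

    # Read the CSP details; this can fail if the key is missing or access is denied.
    $provider = $null; $provType = $null; $machineKey = $false
    if ($cert.HasPrivateKey) {
        try {
            $info       = $cert.PrivateKey.CspKeyContainerInfo
            $provider   = $info.ProviderName
            $provType   = $info.ProviderType
            $machineKey = $info.MachineKeyStore
        } catch {
            $provider = "unreadable: $($_.Exception.Message)"
        }
    }

    # One result object per certificate, one property per criterion.
    New-Object PSObject -Property @{
        Subject         = $cert.Subject
        Thumbprint      = $cert.Thumbprint
        HasPrivateKey   = $cert.HasPrivateKey
        MachineKeyStore = $machineKey
        ServerAuthEku   = $serverAuth
        CspName         = $provider
        SchannelCsp     = ($provType -eq $provRsaSchannel)
    }
} | Select-Object Subject, Thumbprint, HasPrivateKey, MachineKeyStore,
                  ServerAuthEku, CspName, SchannelCsp | Format-List
```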
 