Remove From My Forums

Remote Desktop Certificate 2008 R2

Question

0

Sign in to vote

Hi

Can someone tell me which KB update enables sha256 on server 2008 R2 for the RDP certificate or if a registry entry needs to be changed. Found a few articles online and tested installs of various kb's mentioned but nothing seems to change the default from sha1.

Alternatively if someone can point me to a good guide on how to use an internal CA to generate a replacement certificate which can be placed on workgroup only servers in our DMZ and replace the self-signed one?

Thanks

Monday, July 2, 2018 11:55 AM

Reply

|

Quote

All replies

0

Sign in to vote
Hi,

SHA1 Key Migration to SHA256 for a two tier PKI hierarchy:
https://blogs.technet.microsoft.com/askds/2015/10/26/sha1-key-migration-to-sha256-for-a-two-tier-pki-hierarchy/

Operating a Windows PKI: Renewing CA Certificates:
https://blogs.technet.microsoft.com/xdot509/2013/06/06/operating-a-windows-pki-renewing-ca-certificates/

Above are suggestions and just for your reference. If you have more question about Certificate, I would recommend you to post on TechNet – Windows Server – Security forum, relate product expert may provide you more suggestion:
https://social.technet.microsoft.com/Forums/en-us/home?forum=winserversecurity&filter=alltypes&sort=lastpostdesc

Thank you for your understanding.

Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Proposed as answer by J.Couwenberg Wednesday, July 4, 2018 7:15 AM
Tuesday, July 3, 2018 7:14 AM

Reply

|

Quote

Moderator

0

Sign in to vote

Hi,

How things are going there on this issue?

Please let me know if you would like further assistance.

Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

Tuesday, July 10, 2018 1:41 AM

Reply

|

Quote

Moderator

0

Sign in to vote

Hi,

Is there any update?

Please click “Mark as answer” if any of above reply is helpful. It would make this reply to the top and easier to be found for other people who has the similar problem.

Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

Thursday, July 12, 2018 1:59 AM

Reply

|

Quote

Moderator

0

Sign in to vote

Sorry for the delay but this does not answer the initial question.

We update our servers regularly with critical and security updates, updates that are specified in various posts are applied to our servers, yet if you delete the self-signed certificate for RDP and restart a new one is generated but only as sha1 not sha256.

I need to know which specific update changes 2008 R2 from using sha1 to sha256.

Sunday, July 29, 2018 6:14 PM

Reply

|

Quote