locked
how to generate self signed ssl certificate in windows workgroup server for computer RDP:3389 with sha256 and key size 4096. RRS feed

  • Question

  • 1. I tried below link till step 20. but step 21 not able to do  because  Certificate Enrollment Requests option is not there in mmc certificate console.

    https://blogs.msdn.microsoft.com/mayurpatankar/2017/09/01/sha-256-self-signed-certificate-for-windows-server-2012-r2/

    2.i tried to create ssl certificate with  Ca server which part of domain  but my client machine is in workgroup  ussing " Certificates (Local Computer) >>>Personal >>>>>Certificates >>>>>All Tasks>>>>>Advanced Operations>>>>>Create Custom Request" after that i am running  below command :

    cetreq -adminforcemachine -config " ca server fqdn"\ca serevr name-CA" -submit c:\certificate path    certificate which generated ussing above link till 20 step. \

    but here also getting rpc error (1722..win32)
    checked port 135 its open from both side .

    Kindly help on this.

    My intention to remove  rdp :3389 Vulnerability where existing certificate having sha1 and key size 1024  and install new ssl certificate with SHA256 with key size 4096 with self sighned or with the help of CAserver.

    Note : in domain machine  i am able to create ssl certificate with key size 4096 from CA server.



    • Edited by Jituuu Friday, November 16, 2018 3:08 AM
    Friday, November 16, 2018 3:02 AM

Answers

  • hi

    I share it in OneDrive and you can download it  ,hope it help you! 
    https://1drv.ms/w/s!ArXzl088qX09gX84ndD8TwE3BVHn

    Installing Certification Authority Windows Server 2012 WorkGroup
    https://www.youtube.com/watch?v=2CLFz5qkDyM

    Please Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.



    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, November 23, 2018 12:28 PM

All replies

  • I am researching your question ,thanks for your waiting.

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, November 21, 2018 3:33 PM
  • hi

    I share it in OneDrive and you can download it  ,hope it help you! 
    https://1drv.ms/w/s!ArXzl088qX09gX84ndD8TwE3BVHn

    Installing Certification Authority Windows Server 2012 WorkGroup
    https://www.youtube.com/watch?v=2CLFz5qkDyM

    Please Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.



    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, November 23, 2018 12:28 PM