How to secure remote desktop connections using TLS/SSL
How to secure remote desktop connections using TLS/SSL based authentication
Requirement
When you enable remote desktop on a Windows Server for administrative purposes, security issues may arise depending on how you have configured your server
Steps in windows server end
Prerequisites
- Ensure your terminal server is running Windows Server 2003 including SP1
- You also need a TLS/SSL based certificate that should be installed with the following specifications:
- The certificate should be computer based
- The certificate's purpose should be server authentication
- The certificate¡¯s private key should be available
- Since it is a computer based certificate, it should be stored in the computer account certificate store on the terminal server
1-Request a certificate
We will Request a certificate in Internet Explore, About how to Request a certificate, Please access
How To Request a certificate from Certificate Authority server in Internet Explore?
2-Issue the certificate
After you requested certificate, You can login Certificate Authority server to issue the certificate. Please access
How to Issue A certificate in Certificate Authority server?
3-Install certificate in Certificate Authority server
After you issued the certificate, You can install the certificate in Certificate Authority server. Please access
How to Install A certificate in Certificate Authority server?
4-Export certificate in Certificate Authority server
After you installed certificate in step3, You will can get the
certificate information in Internet Options tool. You can export it from
here, Please access
How to Export A certificate in Certificate Authority server?
5-Export root certificate in Certificate Authority server
MS SQL Server and all clients have to import Root Certificate, You can
export root certificate in Certificate Authority server
How to Export root certificate in Certificate Authority server?
6-Import certificate and Trusted Root Certification Authority in server
About how to import certificate, Please access
How To Import Personal Certificate With MMC?
7-Configure the Terminal Services
About how to Configure the Terminal Services, Please access
How To Configure the Terminal Services?
Steps in client computer end
Prerequisites
- The client computer must be running Microsoft Windows 2000, Windows XP, Windows Server 2003 or Windows Vista
- For Windows 2000, XP and Windows Server 2003, the remote desktop client version 5.2 or newer should be used.
- Only authorized clients should be able to trust the root
Certification Authority (CA) that has issued the computer based
certificate residing on the terminal server. This will ensure that a
TLS/SSL connection can be established from a trusted client.
1- Install Trusted Root Certification Authority
Note: You should install Trusted Root Certification Authority in your client computer.
About how to import Trusted Root Certification Authority, Please access
How To Install Trusted Root Certification Authority With MMC?
Connect to remote using TLS/SSL based authentication
Start the Remote Desktop client
start the Remote Desktop client and select the Security tab which is
a new tab that is included with the updated remote desktop client
You can now connect and logon to the terminal server
How to secure remote desktop connections using TLS/SSL的更多相关文章
- Connect to a Windows PC from Ubuntu via Remote Desktop Connection
http://www.7tutorials.com/connecting-windows-remote-desktop-ubuntu A useful feature of Windows is be ...
- 使用ubuntu远程连接windows, Connect to a Windows PC from Ubuntu via Remote Desktop Connection
from: https://www.digitalcitizen.life/connecting-windows-remote-desktop-ubuntu NOTE: This tutorial w ...
- Configure Security Settings for Remote Desktop(RDP) Services Connections
catalogue . Configure Server Authentication and Encryption Levels . Configure Network Level Authenti ...
- remote desktop connect btw Mac, Windows, Linux(Ubuntu) Mac,Windows,Linux之间的远程桌面连接
目录 I. 预备 II. Mac连接Windows III. Windows连接Mac IV. Windows连接Ubuntu V. Mac连接Ubuntu VI. Ubuntu连接Mac VII, ...
- Running a Remote Desktop on a Windows Azure Linux VM (远程桌面到Windows Azure Linux )-摘自网络(试了,没成功 - -!)
A complete click-by-click, step-by-step video of this article is available ...
- 开启Remote Desktop的PowerShell
1) Enable Remote Desktop set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Ser ...
- Microsoft Remote Desktop 通过 .rdp 文件登录
最近在淘宝上买了「市场洞察」子账号,说是子账号,其实是需要登录到他们的 Windows 服务器上才能用的.并且子账号也是 5-6 个人共用的,且不说远程服务器很老又有延迟,经常是我想添加一个监控店铺或 ...
- Remote Desktop Connection Manager
通过Remote Desktop Connection Manager(RDCMan),当前最新版本是 v2.7. 通过这款软件,我们便可以轻松的管理和访问数个RDP.左边的列表中我们可以创建总的分区 ...
- Windows组件:打开MSDTC,恢复Windows TaskBar,查看windows日志,打开Remote Desktop,打开Services,资源监控
一,Win10 打开 MSDTC 1,Win+R 打开运行窗口,输入 dcomcnfg,打开组件服务窗口 2,在组件服务 catalog下找到 Distributed Transaction Coor ...
随机推荐
- phpstorm 安装XeDbug
第一步:根据phpinfo()下载相对应的Xdebug插件,Xdebug下载路径https://xdebug.org/download.php 第二步:将下载好的Xdebug放到 G:\Service ...
- iOS-delegate设计模式
1. 使用场合 1> A想让B帮忙做一些事情,就让B成为A的代理 2> A想通知一下B发生了某些事情,或者想传递一些数据给B,就让B成为A的代理 3> B想监听A所做的一些事情, 就 ...
- 在WebAPI中调用其他WebAPI
client.BaseAddress = new Uri("http://xxx.xxx.xx.xx:xxxx/); client.DefaultRequestHeaders.Accept. ...
- 十四、pymysql模块
一.安装的两种方法 第一种 #安装 pip3 install pymysql 第二种 二.链接,执行sql,关闭(游标) import pymysql user= input('用户名:>> ...
- TCP重组问题
今天问题: vqmon 测试一pcap抓包文件18.pcap.发现实际输出的视频分片信息和抓包不符合. ===>pts : 00:00:33 Too much data in TCP recei ...
- Erlang中atom的实现[转]
转自: http://www.cnblogs.com/zhengsyao/p/3424539.html 在 Erlang 中,使用 atom 既方便又高效,我们就来看看 atom 是怎么实现的.ato ...
- HUAWEI TAG-AL00 找IMEI的过程
前几天,遇到一台华为机型,IMEI获取有问题,然后就找了一下. 以下是解决过程,权当记录一下,尽管为知笔记已经有备份了 :) 0x01: 起因 测试小哥发现,一台机型IMEI获取不全,有问题,拨号页面 ...
- JAVA中的类
节选自:http://www.cnblogs.com/dolphin0520/p/3811445.html 1. 成员内部类是依附外部类而存在的,也就是说,如果要创建成员内部类的对象,前提是必须存在一 ...
- flask-ssti,xss的防止
源码 import uuid from flask import Flask, request, make_response, session,render_template, url_for, re ...
- Java访问修饰符(控制属性或方法在哪些范围内可见)
default:不加控制符的时候,就是default,只能在本包内访问 public:公有的,在本类之外其他类中可以访问,不在本包内也可以访问 private:私有的,在本类之外其他类不能访问 pro ...