PKI Tutorials - Herong's Tutorial Examples - v2.20, by Dr. Herong Yang
RDP Server Certificate Location
This section provides a tutorial example on how to locate the RDP server certificate in the 'Remote Desktop' certificate store under the 'Computer Account' using the 'certlm.msc' command.
In previous tutorials, we learned how to view and install server certificate presented by the remote system to your local client system.
Now let's see how we locate and manage the server certificate on remote system. May be as a system administrator of the remote system, you want to replace the current self-signed certificate with a good certificate signed by a trusted Root CA.
The first question is then where is the server certificate is located on the remote system? In which certificate store?
The answer is that the RDP server certificate is located in the "Remote Desktop" certificate store under the "Computer Account".
Note that you cannot access the "Remote Desktop" certificate store with the "certmgr.msc" command, because it only displays certificate stores under your current login account.
To access the "Remote Desktop" certificate store under the "Computer Account", you need to run the "certlm.msc" command, because it displays certificate stores under the local "Computer Account".
If the "certlm.msc" command is not available on your Windows system, you can create a new Certificate Console for the "Computer Account" yourself:
1. Run "mmc.exe" command as an administrator. A new empty console displayed.
2. Click "File > Add/Remote Snap-in..." menu. The Snap-in type selection screen displayed.
3. Double click on "Certificate". The account selection screen displayed.
4. Select "Computer Account". And finish creating the console. The "Certificates (Local Computer)" console is listed in the left panel.
5. Open the certificate console, And open the "Remote Desktop" certificate store. The RDP server certificate is listed.
Table of Contents