Home > Others

about 3389 Remote Desktop login solution with SSL encryption

Source: Internet
Author: User
Tags remote desktop access
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
3389 Why do I use SSL encryption for Remote Desktop Connection?
To protect the safety of sensitive data in transit, many well-known enterprises in the World adopt SSL (Security Socket Layer) encryption mechanism. SSL constructs a secure channel between the browser and the Web server for data transmission, SSL runs on top of the TCP/IP layer, under the application layer, provides the encrypted data channel for the application, uses encryption algorithms such as RC4, MD5 and RSA, and uses 40-bit keys to encrypt business information.
First, server Remote Desktop settings:
By default, the Remote Desktop feature does not support SSL encryption authentication, even if we apply and install the certificate.
The first step is to start the TSCC Terminal Services Configuration window by using the "Start-> Program-> management tool-> Terminal Services Configuration" of the taskbar. (Figure 1)
The second step: in the TSCC Terminal Services Configuration window we point "terminal clothing overlapping part shading?> connection", in the right window will display Terminal Services, we click on its right mouse button select "Properties". (Figure 2)
Step three: There is an "edit" button next to the certificate settings in the General tab, and click the button to open the Certificate Settings window. Then, check the certificate to find the certificate (certificate name 10.91.30.45) that we installed in the previous article. (Figure 3)

Step Fourth: After you select the certificate, you also need to set the security level in the General tab, we set the security layer to "SSL" and set the encryption level to high. Make sure that all server Remote Desktop setup work is completed. (Figure 4)
Second, the client installs the Attestation certificate:
Since the server uses certificates for SSL encryption authentication, it is also necessary to install these certifications on the client computer. Remote Desktop access will not be available if you do not install it. There are two ways to get a certificate, which we will introduce.
1 Export the certificate from the TS server:
Step one: Through the "Start->" of the taskbar, enter MMC to start the MMC snap-in. (Figure 5)
Step two: After you open the MMC snap-in, we need to load Certificate Services by adding/removing snap-in from the file-> in the Console menu. (Figure 6)
Step Three: Locate the certificate snap-in from the Available Standalone Snap-ins, and then click the Add button to load the snap-in. (Figure 7)
Fourth step: After you select Computer account in the Certificates snap-in, click Next. (Figure 8)
Fifth step: Complete the operation after you find "local computer" in the Select Computer window. (Figure 9)
Sixth step: After returning to the console interface, we select the console Root-> certificate (local computer)-> personal-> Certificate, and in the right window you will see all the certificates currently installed by the server. We found the certificate for the SSL encryption connection. (Figure 10)
The seventh step: after the right mouse button on the certificate Select "Open", in the Certificate information interface Select "Details", and then click the "Copy to File" button below, copy the certificate. (Figure 11)

Eighth step: Immediately after opening the Certificate Export Wizard, click Next. (Figure 12)
Step nineth: Export the private key to select "No, do not export private key." (Figure 13)
Step Tenth: Export the file format by selecting DER encoded Binary X.509 (. CER). (Figure 14)

11th Step: Select the path to save the exported file, the general direct selection of the desktop can be. (Figure 15)
12th Step: Completing the Certificate Export Wizard configuration work, the certificate file was successfully saved. (Figure 16)
Step 13th: When the file is saved to the desktop, we can copy the certificate file to another computer, and all clients that are ready to connect to the server through the Remote Desktop will need to install the certificate.
14th Step: Double-click the certificate file directly to install, in the General tab, there is a "Install Certificate" button. (Figure 17)
15th step: After the "Install Certificate" button to enter the Certificate Import Wizard, we select "according to the type of certificate, automatically select the certificate store" after the "next" point. As shown in Figure 18)

Step 16th: Complete the import of all certificates. (Figure 19)

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
remote desktop connection manager change login credentials learn about ssl certificates about ssl certificates pgp desktop encryption symantec encryption desktop symantec encryption desktop download ssl encryption method

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More