Configure wildcard (*.domain.com) on Terminal Server 2003

[Guest Kirstin Koch]

I have a Windows Server 2003 R2 Terminal Server that I want to use with my

wildcard certificate (*.domain.com) that was purchased through Comodo. The

certificate request was originally completed through IIS 6.0 on my Exchange

Server 2003 SP2, where I checked the option to use the Microsoft

RSA/SChannel Cryptographic Service Provider (CSP).

 

After receiving the certificate from Comodo, I exported the private key to a

PKCS#12 file and included all certificates. Then I imported this PFX file

into the Terminal Server's Personal certificate store under the Computer

Account.

 

Yet, when I attempt to select this certificate in the properties of the

RDP-Tcp connection in Terminal Services Configuration, no certificates are

displayed after clicking on the Edit button.

 

I've had a difficult time trying to find any definitive How-To instructions

on the web for securing Terminal Server 2003 with SSL. Can anyone tell me

what I missed or point me in the right direction?

 

Thanks for your time.

 

--------------------------

Kirstin Koch

[Guest Ratnesh Yadav [MSFT]]

Re: Configure wildcard (*.domain.com) on Terminal Server 2003

 

The certificate must meet the following criteria

Certificate is a computer certificate

Certificate is for server authentication

Certificate must have a private key

Certificate is stored in the TS personal store

Certificate has a Crytographic Service Provider that can be used for

TLS/SSL

 

The client computer must also meet some criteria

Must run Windows 2000, Windows XP, Windows 2003 or Windows Vista

Must use RDP Client 5.2 orhigher, this can be found on the 2003 SP1

server under %systemroot%\system32\clients\tsclient\win32\msrdpcli.msi

Must trust the root CA for the certificate

 

Check following link for more info

http://technet2.microsoft.com/windowsserver/en/library/a92d8eb9-f53d-4e86-ac9b-29fd6146977b1033.mspx?mfr=true

 

Ratnesh

 

"Kirstin Koch" <Kirstin@pcs-sf.com> wrote in message

news:utyR86OlIHA.5396@TK2MSFTNGP06.phx.gbl...

>I have a Windows Server 2003 R2 Terminal Server that I want to use with my

>wildcard certificate (*.domain.com) that was purchased through Comodo. The

>certificate request was originally completed through IIS 6.0 on my Exchange

>Server 2003 SP2, where I checked the option to use the Microsoft

>RSA/SChannel Cryptographic Service Provider (CSP).

>

> After receiving the certificate from Comodo, I exported the private key to

> a PKCS#12 file and included all certificates. Then I imported this PFX

> file into the Terminal Server's Personal certificate store under the

> Computer Account.

>

> Yet, when I attempt to select this certificate in the properties of the

> RDP-Tcp connection in Terminal Services Configuration, no certificates are

> displayed after clicking on the Edit button.

>

> I've had a difficult time trying to find any definitive How-To

> instructions on the web for securing Terminal Server 2003 with SSL. Can

> anyone tell me what I missed or point me in the right direction?

>

> Thanks for your time.

>

> --------------------------

> Kirstin Koch

>