Renew your Remote Desktop Server SSL Certificate

Share on linkedin
LinkedIn
Share on twitter
Twitter
Share on facebook
Facebook
IT Networks How-To Logo

There are many articles online on how to renewal a SSL certificate, however they are generic and not focused on Remote Desktop Servers. Below is a quick and easy way to renew your SSL Certificate on your RDS or Terminal Server.

As we are Aussie based, this guide uses Synergy Wholesale as the reseller of SSL Certificates.

Okay lets go:

Renew Your SSL Certificate

  1. Head over to your certificate provider, in our case Synergy Wholesale, and go to the expiring SSL Certificate and click Renew
    renew SSL certificate at Synergy Wholesale
  2. An email for domain validation will now be sent to the following email addresses:
    • administrator@domain.com.au
    • webmaster@domain.com.au
    • hostmaster@domain.com.au
  3. Once the email is received at the above addresses, obviously accept the domain validation
    accept ssl domain validation
  4. Approval will take a few hours and sometimes days! Please wait for the approval with the attached new Certificate.ssl email with new certificate
  5. In the email, highlight and copy the certificate text, including the ‘Begin Certificate’ & ‘End Certificate’ in to a new Notepad filessl certificate
  6. Save the File as certificate.cer
  7. Log into your Remote Desktop Server and open IIS.msc
  8. Expand your Site and open ‘Server Certificates’IIS Server Certificate
  9.  On the Action pane click ‘Complete Certificate Request’, then fill-out the details as required.
    • Friendly Name = A meaningful name to identify the Certificate

    complete the certificate request

  10. Right-click the newly added Certificate and choose Export
  11. Complete the details, ensure to save as *.PFXexport ssl certificate
  12. Open Server Manager and go to Remote Desktop Servicesopen server manager
  13. Under Deployment Overview, click Tasks > Edit Deploymentedit RDS deployment
  14. Click on Certificates then highlight the first Role Service > Select Existing Certificateedit roles with new certificate
  15. Choose A Different Certificate, locate the *.PFX file you exported earlier and password you typed during exportedit ssl deployment part 3
  16. Repeat step 14 for each additional Role Service that requires the new SSL Certificate
  17. Click OK when done
  18. Reboot your Server
  19. For a security sanity check head over to https://www.ssllabs.com/ssltest  and test your new SSL Certificate!

I hope this was of some use, as with all our articles, please feel free to reach out if you need assistance.