Remote Desktop connection using TLS/SSL no certificate warning with Vista RDP-Client
Hi, I configured a terminal server (Vista, Windows 7, ...) to require the use of SSL/TLS for RDP connections, based on the steps described in [1]. No my problem is, that on machines running Windows Vista as RDP-Client, if I connect to the server (also Vista and 7), the certificate warning [1 see Figure U] does not appear, the connection will be established without any message. This happens on every Vista machine I tested (physical and virtual machines). From Windows XP (with the actual RDP-Client installed) and Windows 7 it works fine an the certificate warning appears. Does anybody have a hint for me? The configuration is right, because it works with the XP and 7 RDP-Client. The case happens only on Vista with the included RDP-Client. I tested it only with Windows 7 and XP to ensure that the configuration is ok. The certificate is not installed as trusted. Every used operating system is up to data. Second question, when will the Windows 7 RDP Client (v 7.0) be available for Windows Vista and XP? Thanks Manuel [1] http://articles.techrepublic.com.com/5100-10878_11-6166676.html
June 5th, 2009 3:16am

Hi Manuel, I suggest you first try the solution in the following thread: Remote Desktop Security Warning http://social.technet.microsoft.com/Forums/en-US/itprovistasecurity/thread/a19df0c1-b0c0-4c25-8d34-a5d50268eddc For Windows 7 related issue, I recommend you post it in Win 7 forum via: http://social.technet.microsoft.com/Forums/en/category/w7itpro Hope this helps!Sean Zhu - MSFT
Free Windows Admin Tool Kit Click here and download it now
June 8th, 2009 4:04am

Hi Sean, i tried this advice days before, the same behavior. Does someone encouter the same problem? Summarized: Vista or Seven act as Terminal Server with TLS/SSL configured for authentication. Connection: Client Server XP -> Vista | Certiciate error Seven -> Vista | Certificate error Vista -> Vista | no Error, no warning XP -> Seven | Certificate error Seven -> Seven | Certificate error Vista -> Seven | No error, no warning As I mentioned, the operating systems are clean installs and up to date. In the RDP-Client settings Advanced Tab I use on Server authentication "Warn me", but even if I use "Dont connect if authentication fails" the connection will be established. I found a way (inofficial) way to use the Windows 7 RDP Client on Vista. But although the same, no certificate error, strange? Either I am the only one with this fault, or nobody use TLS/SSL with RDP on Vista *g* Thanks Manuel
June 8th, 2009 3:13pm

Hi Manuel, Did you find the reason for the above behaviour. I m also facing a similar issue. Regards SanaSana
Free Windows Admin Tool Kit Click here and download it now
August 1st, 2011 4:06pm

Hi Sana, I wrote in 2009 to the Remote Desktop Team from Microsoft and founde the regarding Mail (Thanks to Desktop search :-)). But the issue appears only in Vista so with 7 you do not have the problem. The answer from the RDP Team: This issue is caused by the limitation of CredSSP implementation on Vista. On Vista server authentication cannot be controlled by RDP Client when CredSSP protocol is used. The only way to enforce server authentication is through group policy. You have to disable "Allow Delegating Fresh Credentials with NTLM-only Server Authentication". See http://msdn.microsoft.com/en-us/library/bb204773.aspx for more info. In Win 7 this issue is fixed and you can configure RDP Client to enforce server authentication. In XP by default RDP Client uses TLS protocol instead of CredSSP, that's why you see the warning. Regards Manuel
August 6th, 2011 10:50am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics