Tips for configuring RDS certificates

I have been working different RDS environments and noticed that certificates are one thing what you really need to think about, before installations. Will share few good points. 

Easiest way to hande your certs is the use wildcard certs. If that´s not possible you need to keep few things in mind.
– When using internal CA add all of the RDS deployment servers to SAN and notice that there can be added only 5 server names. If environment is larger you need to use wildcard certificate.
– After requesting certificate from your CA you need to export it and then import via Remote Desktop Services tool on Connection Broker server

As you may understand, when connection is established to broker connection will continue to session hosts or virtualization hosts. You need to configure session host server certificates or you will get information about untrusted certificates.

To do this, import your earlier created certificate to personal store of computer.
Check the certificate thumbrint with following command:


Copy thumbrint and then apply current thumbring to server with following command:



Leave a Reply

Your email address will not be published. Required fields are marked *