This procedure describes how to use Remote Desktop Gateway Manager to create a self-signed certificate, if you did not already create one by using the Add Roles Wizard when you installed the Remote Desktop Gateway role service.
We recommend that you use self-signed certificates only for testing and evaluation purposes.
Membership in the local Administrators group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at http://go.microsoft.com/fwlink/?LinkId=83477.
To create a self-signed certificate for the Remote Desktop Gateway server
On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Gateway Manager.
In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, which is named for the computer on which the RD Gateway server is running, and then click Properties.
In the results pane, under Configuration Status, click View or modify certificate properties.
On the SSL Certificate tab, click Create a self-signed certificate, and then click Create and Import Certificate.
In the Create Self-Signed Certificate dialog box, do the following:
- In the Certificate name box, verify that the correct fully qualified domain name (FQDN) is specified for the self-signed certificate, or specify a new name. The FQDN must match the DNS name that the client uses to connect to the RD Gateway server, unless you are using wildcard certificates or the SAN attributes of certificates.
- To store the root certificate in a specified location so that you can manually distribute the root certificate to clients, verify that the Store the root certificate check box is selected, and then specify where to store the certificate. By default, this check box is selected and the certificate is stored under the %Windir%\Users\<Username>\Documents
- Click OK.
If you selected the Store the root certificate check box and specified a location for the certificate, a message will appear stating that RD Gateway has successfully created the self-signed certificate, and confirming the location of the stored certificate. Click OK to close the message.
Click OK again to close the RD Gateway server Properties dialog box.
- For information about other methods for obtaining a certificate and certificate requirements for RD Gateway, see Obtain a Certificate for the Remote Desktop Gateway Server.
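
A check for the name requirement in the Certificate name step, as an added example that is not part of the original procedure: this PowerShell script reads the stored certificate file and reports whether its names cover the DNS name that clients use. The file path and host name are hypothetical placeholders, and the SAN parsing assumes an English-language Windows installation.

```powershell
# Added example, not part of the original procedure.
param(
    [string]$CertPath   = 'C:\Temp\rdgw-root.cer',   # hypothetical path to the stored certificate
    [string]$ClientName = 'rdgw.example.test'        # hypothetical FQDN that clients connect to
)

function Test-NameMatch {
    param([string]$Pattern, [string]$Name)
    $ci = [System.StringComparison]::OrdinalIgnoreCase
    if ($Pattern.StartsWith('*.')) {
        # A wildcard stands for exactly one leftmost label:
        # *.example.test covers rdgw.example.test, not a.b.example.test or example.test.
        $suffix = $Pattern.Substring(1)
        if (-not $Name.EndsWith($suffix, $ci)) { return $false }
        $label = $Name.Substring(0, $Name.Length - $suffix.Length)
        return ($label.Length -gt 0 -and -not $label.Contains('.'))
    }
    return [string]::Equals($Pattern, $Name, $ci)
}

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CertPath

# Subject simple name (the CN when one is present).
$cn = $cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false)

# DNS entries from the Subject Alternative Name extension (OID 2.5.29.17), if present.
# Format() output is localized; the "DNS Name=" label assumes an English-language Windows.
$sanDns = @()
$san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
if ($san) {
    $sanDns = @([regex]::Matches($san.Format($false), 'DNS Name=([^,\s]+)') |
        ForEach-Object { $_.Groups[1].Value })
}

# When SAN DNS entries exist they are checked instead of the CN (RFC 2818 rule).
$candidates = if ($sanDns.Count -gt 0) { $sanDns } else { @($cn) }
$matched = @($candidates | Where-Object { Test-NameMatch -Pattern $_ -Name $ClientName })

"Subject CN   : $cn"
"SAN DNS names: $($sanDns -join ', ')"
"Self-signed  : $($cert.Subject -eq $cert.Issuer)"
"Expires      : $($cert.NotAfter)"
if ($matched.Count -gt 0) {
    "OK: '$ClientName' is covered by '$($matched[0])'"
} else {
    "MISMATCH: '$ClientName' is not covered by: $($candidates -join ', ')"
}
```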