Hello. I've noticed that RDP certificates on all of our production boxes have self-signed certificates located in their respective "Remote Desktop" certificate store.
I would like all of our servers to use signed, trusted certificates from our internal PKI instead of self-signed certs Windows servers automatically generate.
I found these two articles that pretty much outline the same process but I get an error when I try to connect:
http://www.petenetlive.com/KB/Article/0000944.htm
http://www.derekseaman.com/2013/01/creating-custom-remote-desktop-services.html
"This computer can't connect to the remote computer. Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator"
I'm using my Windows 8.1 workstation to RDP into a Windows 2012 R2 box. I created the RDP cert template and GPO in accordance to articles and placed the R2 box in a test OU that has that GPO applied. I'm testing it on a particular R2 box before releasing it production-wide. Also, I can confirm via PortQry and NMAP that the R2 box is listening on port 3389.
Any thoughts????? Thanks!