The server RDP certificate expires every 6 months and is automatically recreated, meaning I need to re-install the new certificate on the client machines to allow users to save password.
Is there a straightforward way to create a self-signed certificate with a longer expiry?
I have 5 servers to configure.
Also, how do I install the certificate such that terminal services uses it?
Note: Servers are not on a domain and I'm pretty sure we're not using a gateway server.
Best Answer
You can create a self-signed certificate with many different tools. Makecert is one such tool:
http://msdn.microsoft.com/en-us/library/bfsktky3(v=vs.110).aspx
The OID for 'Server Authentication' is 1.3.6.1.5.5.7.3.1, so the argument
-eku 1.3.6.1.5.5.7.3.1
will be in there somewhere.That should get you a self signed certificate in your computer's personal store that expires in 2036.