I'm attempting to use the wmic approach of assigning a self-signed certificate for Remote Desktop use on a Windows Server 2012 VM as described here and here.
The CA for the RDP certificate has been installed under Local Machine > Trusted Root Certification Authorities and the RDP certificate itself has been installed under Local Machine > Remote Desktop.
When I attempt to issue the wmic command to use the imported RDP certificate, I receive the following error:
C:\Windows\system32> wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="3c7a7a78af9699b69182dff15329834113a518b3"
Updating property(s) of '\\SERVER\root\CIMV2\TerminalServices:Win32_TSGeneralSetting.TerminalName="RDP-Tcp"'
ERROR:
Description = Invalid parameter
…I also tried importing the RDP certificate under Local Machine > Personal, but the error message remains unchanged.
Best Answer
Stuck with the same issue for 3 hours, but found the root of the problem. In my case the reason for "Invalid parameter" error was that I've mistakenly imported a certificate without a corresponding private key.
So make sure, that when you open your certificate in General tab you see in the last line a key symbol and the text "You have a private key that corresponds to this certificate." Certificate with private key
It's quite easy to combine certificate and a key into pfx file. Have a look here https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/