Darkassassin07
Guest
I have been trying for 3 years now to automate this stupid process, but I can't find info anywhere and can't get replies to pleas for help.
For the love of god help me please.....
Here's what I have so far (PowerShell), running on Windows 10 Pro.
# Remove old cert
Get-ChildItem "Cert:\LocalMachine\My" | Where-Object { $_.Subject -like "*mydomain.example*" } | Remove-Item
# Get new cert and import it into the store
$PasswordPfx = ConvertTo-SecureString -String "cert-password-example" -Force -AsPlainText
$newCertPfx = Import-PfxCertificate -FilePath "C:\Users\Darkassassin07\Documents\SSL\Active Cert\pfx.pfx" -Password $PasswordPfx -CertStoreLocation "Cert:\LocalMachine\My" -Exportable
# Get the RDP listener settings object
$wmi = (Get-WmiObject "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'")
# Set the RDP listener's certificate thumbprint
Set-WmiInstance -InputObject $wmi -Arguments @{SSLCertificateSHA1Hash=$newCertPfx.Thumbprint}
This functions alright, replacing the self-signed cert or the currently active cert, until you restart the machine. Then all attempts to connect fail. Re-running the script does nothing. Deleting the installed cert does nothing until you restart the whole machine, returning to a self-signed cert.
Restarting TerminalServices doesn't help; I have to remove the installed cert and restart the machine to get it functioning again.
The Set-RDCertificate cmdlet is empty; it contains no commands and isn't functional. Don't know why or how or what to do about it.
I'm at a total loss. My head hurts, I just don't know any more what to even look at. 3 years, and it still may as well be a manual process. I want to scream.
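As an added example (not from the original post or any Microsoft tooling), the read-only check below reads back the thumbprint that the post's script writes to Win32_TSGeneralSetting and inspects that certificate: store presence, private key, expiry, Server Authentication EKU, and whether NETWORK SERVICE, the account the Remote Desktop service runs as, has an explicit read ACE on the key file. The function name and the choice of checks are assumptions; the post does not establish which of them, if any, explains the failure after restart.

```powershell
# Added example: Test-RdpListenerCertificate is a hypothetical helper. Run in an elevated session.
function Test-RdpListenerCertificate {
    $listener = Get-CimInstance -Namespace 'root\cimv2\terminalservices' `
        -ClassName 'Win32_TSGeneralSetting' -Filter "TerminalName='RDP-Tcp'"
    $thumb = $listener.SSLCertificateSHA1Hash
    $cert = Get-ChildItem 'Cert:\LocalMachine\My' |
        Where-Object { $_.Thumbprint -eq $thumb } | Select-Object -First 1
    $result = [ordered]@{
        BoundThumbprint = $thumb; InMachineStore = [bool]$cert; HasPrivateKey = $false
        NotExpired = $false; ServerAuthEku = $false; KeyFile = $null
        NetworkServiceCanRead = $false
    }
    if (-not $cert) { return [pscustomobject]$result }
    $result.HasPrivateKey = $cert.HasPrivateKey
    $result.NotExpired = (Get-Date) -lt $cert.NotAfter
    # 1.3.6.1.5.5.7.3.1 is the Server Authentication EKU.
    $result.ServerAuthEku = $cert.EnhancedKeyUsageList.ObjectId -contains '1.3.6.1.5.5.7.3.1'

    # Resolve the key file name; CNG and legacy CSP keys expose it differently.
    $keyName = $null
    try {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
        if ($rsa -is [System.Security.Cryptography.RSACng]) {
            $keyName = $rsa.Key.UniqueName
        } elseif ($rsa -is [System.Security.Cryptography.RSACryptoServiceProvider]) {
            $keyName = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
        }
    } catch { Write-Warning "Private key could not be opened: $($_.Exception.Message)" }
    if (-not $keyName) { return [pscustomobject]$result }

    $result.KeyFile = "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys",
        "$env:ProgramData\Microsoft\Crypto\Keys" |
        ForEach-Object { Join-Path $_ $keyName } |
        Where-Object { Test-Path -LiteralPath $_ } | Select-Object -First 1
    if ($result.KeyFile) {
        # Explicit allow ACEs for NETWORK SERVICE (S-1-5-20) only; access via groups is not evaluated.
        $sidType = [System.Security.Principal.SecurityIdentifier]
        $rules = (Get-Acl -LiteralPath $result.KeyFile).GetAccessRules($true, $true, $sidType)
        $read = [System.Security.AccessControl.FileSystemRights]::Read
        $result.NetworkServiceCanRead = [bool]($rules | Where-Object {
            $_.IdentityReference.Value -eq 'S-1-5-20' -and
            $_.AccessControlType -eq 'Allow' -and
            ($_.FileSystemRights -band $read) -eq $read })
    }
    [pscustomobject]$result
}
Test-RdpListenerCertificate | Format-List
```

Running it once right after the import script and again after a restart shows which property changes between the working and failing states.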