I had an issue while installing the SSL certificate for an RDS deployment using the GUI, so I used PowerShell to do it instead. The command is the Set-RDCertificate cmdlet.
The Set-RDCertificate cmdlet imports a certificate or applies an installed certificate to use with a Remote Desktop Services (RDS) role. You can use this cmdlet to secure an existing certificate by using a secure string for the password.
Get Installed SSL Certificate
To check the installed SSL Certificate for RDS Deployment, you can use the command Get-RDCertificate.
Install SSL Certificate
If you have a PFX file, you can use the commands below:
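```powershell
# Convert the PFX password to a SecureString, as required by -Password.
# A literal password typed here ends up in the console history and in any saved script.
$Password = ConvertTo-SecureString -String "EnterYourPassword" -AsPlainText -Force

# Import the PFX and apply it to the chosen role
Set-RDCertificate -Role RDRedirector -ImportPath "C:\Certificates\Redirector07.pfx" -Password $Password -ConnectionBroker "RDCB.msnoob.com"
```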
If the SSL certificate is already installed on your RDS Broker, you can apply it by thumbprint with the following command. Make sure the certificate is installed in the “cert:\localmachine\my” store on each server running the specified RDS role.
```powershell
Set-RDCertificate -Role RDRedirector -Thumbprint fedd995b45e633d4ef30fcbc8f3a48b627e9a28b -ConnectionBroker "RDCB.msnoob.com"
```
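A pre-flight check for the thumbprint path described above, as an added example that is not part of the original post. The function name `Test-RdsCertificateCandidate` and the set of checks are assumptions; the thumbprint and broker name are the ones used in the command above.

```powershell
# Added example (hypothetical helper, not from the original post).
function Test-RdsCertificateCandidate {
    param(
        [Parameter(Mandatory)] [string] $Thumbprint
    )
    # Thumbprints copied from the certificate dialog often carry spaces or an
    # invisible leading character, so keep the hex digits only.
    $clean = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $problems = @()

    $cert = Get-Item -Path "Cert:\LocalMachine\My\$clean" -ErrorAction SilentlyContinue
    if (-not $cert) {
        return [pscustomobject]@{
            Thumbprint = $clean
            Subject    = $null
            Problems   = @('Not found in Cert:\LocalMachine\My')
        }
    }

    # RDS has to present the certificate, so the private key must be in the store.
    if (-not $cert.HasPrivateKey) { $problems += 'No private key associated with the certificate' }

    $now = Get-Date
    if ($now -lt $cert.NotBefore) { $problems += "Not valid until $($cert.NotBefore)" }
    if ($now -gt $cert.NotAfter)  { $problems += "Expired on $($cert.NotAfter)" }

    # Server Authentication EKU (OID 1.3.6.1.5.5.7.3.1).
    # An empty EKU list means the certificate is not restricted to specific purposes.
    $eku = @($cert.EnhancedKeyUsageList | Where-Object { $_ })
    if ($eku.Count -gt 0 -and $eku.ObjectId -notcontains '1.3.6.1.5.5.7.3.1') {
        $problems += 'Server Authentication EKU is missing'
    }

    [pscustomobject]@{ Thumbprint = $clean; Subject = $cert.Subject; Problems = $problems }
}

# Apply the certificate only when every check passed.
$result = Test-RdsCertificateCandidate -Thumbprint 'fedd995b45e633d4ef30fcbc8f3a48b627e9a28b'
if ($result.Problems.Count -eq 0) {
    Set-RDCertificate -Role RDRedirector -Thumbprint $result.Thumbprint -ConnectionBroker 'RDCB.msnoob.com'
} else {
    Write-Warning "Certificate $($result.Thumbprint) was not applied:"
    $result.Problems | ForEach-Object { Write-Warning " - $_" }
}
```

The check reads the local machine store only, so run it on each server that holds the role before applying the certificate.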
As you can see in the command above, there is a “Role” parameter. This parameter specifies the certificate type associated with an RDS server role. There are four roles you can use:
- RDGateway
- RDWebAccess
- RDRedirector
- RDPublishing
PowerShell Script
To simplify the process of deploying/replacing the RDP certificate on the RDS Deployment, I have written a PowerShell Script that takes care of the SSL Certificate installation on RDS Deployment.
```powershell
###################################################################################
# File Name: RDSCert.ps1
# Description: Simple Script to Apply RDS Certificate
# Version: 1.0
# Creator: Ardian
# Emails: [email protected]
# Blog: msnoob.com
#
# Date: May 2019
# Notes: RDSH Certificate Deployment
###################################################################################

Function Get-PfxFile {
    # Show a file picker limited to .pfx files and return the selected path
    Add-Type -AssemblyName System.Windows.Forms
    $FileBrowser = New-Object System.Windows.Forms.OpenFileDialog -Property @{
        InitialDirectory = [Environment]::GetFolderPath('Desktop')
        Filter           = 'Personal Information Exchange (*.pfx)|*.pfx'
    }
    $FileBrowser.ShowDialog() | Out-Null
    $FileBrowser.FileName
}

$Path = Get-PfxFile
if (-not $Path) { throw "No PFX file selected." }

# Read the password as a SecureString so it is not echoed to the console
$Pass = Read-Host "Enter your PFX file password" -AsSecureString
$ConnectionBroker = Read-Host "Enter Connection Broker FQDN"

Write-Host
Write-Host "1. RDRedirector"
Write-Host "2. RDGateway"
Write-Host "3. RDWebAccess"
Write-Host "4. RDPublishing"
Write-Host "5. Configure All"

# Keep asking until the answer is one of the menu entries
Do {
    $choice = Read-Host "Select RDS Role you want to configure (1-5)"
} while ((1..5) -notcontains $choice)

switch ($choice) {
    "1" { Set-RDCertificate -Role RDRedirector -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path; break }
    "2" { Set-RDCertificate -Role RDGateway -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path; break }
    "3" { Set-RDCertificate -Role RDWebAccess -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path; break }
    "4" { Set-RDCertificate -Role RDPublishing -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path; break }
    "5" {
        # Apply the same PFX to all four roles
        Set-RDCertificate -Role RDRedirector -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path
        Set-RDCertificate -Role RDGateway -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path
        Set-RDCertificate -Role RDWebAccess -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path
        Set-RDCertificate -Role RDPublishing -Password $Pass -ConnectionBroker $ConnectionBroker -ImportPath $Path
    }
}
```
Any question or feedback is welcome.