0

Environment: Windows 2012 on Workgroup setting.

Our Remote Desktop Service was using a self-signed certificate, which was deleted.

Actions taken to delete are:

  1. MMC > File > Add/Remove Snap in > Certificates > Computer Account > Local Computer > Finish.
  2. Under Console Root hierarchy: Console Root > Certificates (Local Computer) > Remote Desktop
  3. Certificate selected and deleted.

Is there a way to recover or find that certificate?

SJaka
  • 145
  • 1
  • 3
  • 14

1 Answers1

2

The certificate and related private key are gone. You could get the certificate from a client but not the private key. Unless you have a backup you should consider it as lost.

Jofre
  • 549
  • 1
  • 4
  • 11
  • Where is it stored? – SJaka Apr 01 '16 at 20:38
  • 1
    Personal certificates and key are stored in the personal AppData folder but system and machine certificates and keys are stored in the registry. – Jofre Apr 01 '16 at 21:46
  • Some of the regsitry keys are HKEY_Current_User\Software\Microsoft\SystemCertificates HKEY_Current_User\Software\Policies\Microsoft\SystemCertificates HKEY_Users\User SID\Software\Microsoft\SystemCertificates HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\Services\ServiceName\SystemCertificates HKEY_Local_Machine\Software\Microsoft\SystemCertificates HKEY_Local_Machine\Software\Policies\Microsoft\SystemCertificates HKEY_Local_Machine\Software\Microsoft\EnterpriseCertificates – Jofre Apr 01 '16 at 21:47