How to configure RDP with TLS in Window 7

Question

I have server and client running OS Window 7 ultimate. I would like to configure so that server and client communicate under TLS.

At server, I go Local Group Policy-> Remote Desktop Host -> Security to enable Secure Layer to TLS1.0.

When I connect the server from client, I did capture the packet using Wireshark, but I never see the TLS setup .

I did google alot regarding how to set up the TLS. It said that the self-signed cert is not trusted from the trusted root CA. Is it because of this so the TLS can't set up?

Off-topic here. Voting to move to SuperUser. – Bruno Jan 26 '13 at 14:15 — Bruno, Jan 26 '13 at 14:15

score 0 · Accepted Answer · answered Jan 26 '13 at 14:20

Wireshark often can't guess the protocol when the protocol changes on the same connection. This is typically the case for most protocols that upgrade to SSL/TLS on the same connection (using STARTTLS-like mechanisms).

If you want to see this, you have to tell Wireshark to decode the packets as SSL/TLS: right-click and choose Decode As -> Transport -> SSL.

This should work even with a self-signed certificate (typically one is generated automatically and configured by default on a Windows 7 Pro machine, for example). In this case, if you want the connection the be secure, you'd need to verify manually that it is the certificate set up on that machine.

How to configure RDP with TLS in Window 7

1 Answers1