The purpose of this article is to provide the steps to configure the SSL Visibility in order to decrypt traffic from an RDP session in a Windows 2008 Server.

The steps are the following:

• Log in to the Windows Server 
• Open IIS Manager
• Create a cert/key via IIS Server Certificate manager. (This will be in.pfx format)
• Export the .pfx file as it will need to be imported into the SSLV
• If a .pfx file has been created with openssl import it here using the “Import” action.
  Ex. openssl pkcs12 -export -in RDcert.pem -inkey RDkey.pem -out RDCert_Key2.pfx

• Open mmc.exe
• Add Terminal Services Configuration snapin (Alternatively Click “Start”, then type tsconfig.msc)
• Open RDP-Tcp connection
• At the bottom of the pop-up window there is a certificate name that is currently being used for RDP. Press “Select” and choose the one that was previously created

• Open the SSLV Web UI
• Import the previously created key/cert into the Known Cerificates With Keys PKI store
• Create a Decrypt(Certificate and Key Known) rule