Decrypt Windows 2008 Server Remote Desktop Using Known Certificate and Key

Article ID: 173831

Products

SSL Visibility Appliance Software

Issue/Introduction

This article describes how to configure the SSL Visibility Appliance (SSLV) to decrypt traffic from an RDP session on a Windows 2008 Server.

Resolution

The steps are the following:

  • Log in to the Windows Server 
  • Open IIS Manager
  • Create a cert/key via the IIS Server Certificates manager. (This will be in .pfx format.)
  • Export the .pfx file, as it will need to be imported into the SSLV
  • If a .pfx file has been created with openssl, import it here using the “Import” action.
    Ex. openssl pkcs12 -export -in RDcert.pem -inkey RDkey.pem -out RDCert_Key2.pfx

 

  • Open mmc.exe
  • Add the Terminal Services Configuration snap-in (alternatively, click “Start”, then type tsconfig.msc)
  • Open the RDP-Tcp connection
  • At the bottom of the pop-up window is the name of the certificate currently being used for RDP. Press “Select” and choose the one that was previously created


 

 

  • Open the SSLV Web UI
  • Import the previously created key/cert into the Known Certificates With Keys PKI store
  • Create a Decrypt (Certificate and Key Known) rule
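
Before importing the .pfx into the SSLV, it is worth confirming that the file really contains a private key and that the key matches the certificate, because a certificate-only export gives the appliance nothing to decrypt with. The script below is an added example, not part of the original article; the function names, the sample password and the throwaway certificate are assumptions, and it takes the first certificate in the file to be the server certificate.

```shell
#!/bin/sh
# Added example (not from the article): sanity-check a .pfx before SSLV import.
# Function names, the sample password and the test certificate are assumptions.

# Public key (PEM) of the first certificate stored in the .pfx.
pfx_cert_pub() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys 2>/dev/null |
        openssl x509 -noout -pubkey 2>/dev/null
}

# Public key (PEM) derived from the private key stored in the .pfx.
pfx_key_pub() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nocerts -nodes 2>/dev/null |
        openssl pkey -pubout 2>/dev/null
}

# Returns 0 when the .pfx holds a certificate and its matching private key.
# 2 = no certificate readable (or wrong password), 3 = no private key, 4 = mismatch.
pfx_check() {
    cert_pub=$(pfx_cert_pub "$1" "$2") || true
    key_pub=$(pfx_key_pub "$1" "$2") || true
    [ -n "$cert_pub" ] || return 2
    [ -n "$key_pub" ] || return 3
    [ "$cert_pub" = "$key_pub" ] || return 4
}

# SHA-1 thumbprint as 40 hex digits, for comparison with the certificate
# selected in the RDP-Tcp properties (compare ignoring case and spaces).
pfx_thumbprint() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys 2>/dev/null |
        openssl x509 -noout -fingerprint -sha1 | sed 's/.*=//; s/://g'
}

# Constructed sample: throwaway key/cert packaged with the article's openssl
# command (-passout added so it runs unattended), plus a certificate-only file.
make_sample() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=rdp.example.test" \
        -keyout "$1/RDkey.pem" -out "$1/RDcert.pem" 2>/dev/null
    openssl pkcs12 -export -in "$1/RDcert.pem" -inkey "$1/RDkey.pem" \
        -out "$1/RDCert_Key2.pfx" -passout "pass:$2"
    openssl pkcs12 -export -nokeys -in "$1/RDcert.pem" \
        -out "$1/cert_only.pfx" -passout "pass:$2"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir" 'Sample-Pass-1'
if pfx_check "$demo_dir/RDCert_Key2.pfx" 'Sample-Pass-1'; then
    echo "pfx ok, thumbprint $(pfx_thumbprint "$demo_dir/RDCert_Key2.pfx" 'Sample-Pass-1')"
fi
```

The -nodes option writes the private key unencrypted to the pipe only; nothing is saved to disk by the check functions.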

 

 
