i am getting below nessus findings on all my servers,kindly suggest for the fixing the below RDP related issues port used by certificates 443 and 3389 51192 SSL Certificate Cannot Be Trusted 57582 SSL Self-Signed Certificate
Asked
Active
Viewed 2,486 times
0
-
51192 SSL Certificate Cannot Be Trusted & 57582 SSL Self-Signed Certificate – bhagwat May 22 '19 at 06:34
1 Answers
0
Most likely your certificate is not signed by a CA, that is considered trusted by Windows - this can also mean you are using a certificate out of its defined scope (e.g. Certificate marked as usage type "Code Signing" for RDP).
- If you use a self-signed certificate (i.e. a certificate that was signed by your own CA) you have to import the CA certificate into Windows' trusted store.
- If your certificate's scope doesn't contain RDP, you need to create one where it does.
EDIT
You have to trust the CA on the client computers: They are the ones that check the certificate presented by the server for trustworthiness.
Eugen Rieck
- 20,271
-
-
First you diagnose the problem and find a solution on one server, then you deploy it either manually or via a script. – Eugen Rieck May 22 '19 at 06:48
-
-
They are in my answer: First of all you need to check the CA signature and usage scope of your certificate. – Eugen Rieck May 22 '19 at 07:05
-
i have done the needfull,as per you suggetion ,still nessuss giving same vulnarabilities – bhagwat May 22 '19 at 08:32
-
Which of the two possibilities was the problem and what did you do to resolve it? – Eugen Rieck May 22 '19 at 09:26
-
i have imported desktop certificate and personal certificate in trusted root certificate – bhagwat May 22 '19 at 11:43