SOLVED: How to Create a .PFX Certificate File

Published by Ian Matthews on

I needed to import a certificate into a Server 2016 RDS server but it was requesting a .PFX file I did not have, so I had a problem.  The certificate I wanted the RDS to use was already installed and functional but the RDS CONFIGURE THE DEPLOYMENT did not show the cert.

How to Create a .PFX File From An Already Installed Certificate:

  1. certificates-mmcLaunch a new MMC
    • Click START and type MMC.EXE then press the ENTER key
  2. Add the CERTIFICATE add-in
    • Click FILE > ADD/REMOVE SNAP IN
    • Double click CERTIFICATES
    • Select COMPUTER ACCOUNT > click NEXT > leave it on LOCAL COMPUTER and click the FINISH button
  3. Expand CERTIFICATES > PERSONAL > CERTIFICATES
  4. Right click on the certificate in question (likely one  issued by a 3rd party like GoDaddy) and select ALL TASKS > EXPORT
  5. certificates-mmc-export-certificate-pfxClick NEXT button on the CERTIFICATE EXPORT WIZARD > YES, EXPORT THE PRIVATE KEY > NEXT button
  6. Click the PASSWORD checkbox and type the same password into both fields and click NEXT
  7. Click BROWSE and set a location a file name

In my case I then had to import the .PFX certificate into the the RDS system, but you may want to do something different with yours.

How to Import a .PFX Certificate Into Server 2016 RDS:

  1. rds-broker-add-pfx-certLaunch SERVER MANAGER
  2. Click REMOTE DESKTOP SERVICES
  3. Click OVERVIEW or COLLECTIONS
  4. Click TASKS  (top right corner)
  5. Select EDIT DEPLOYMENT PROPERTIES
  6. Click CERTIFICATES > RD CONNECTION BROKER – SINGLE
  7. Click SELECT EXISTING CERTIFICATE button
  8. Browse to your .PFX file, enter the password you created in step 6 above, and place a check in ALL THE CERTIFICATE TO BE ADDED TO THE TRUSTED ROOT… then click OK
  9. Click the APPLY button
    • You can only make one certificate change at a time
  10. Click RD CONNECTION BROKER – PUBLISHING
  11. Click APPLY THE CERTIFICATE THAT IS STORED ON THE RD CONNECTION BROKER SERVER
  12. Enter the password you created in step 6 above, and place a check in ALL THE CERTIFICATE TO BE ADDED TO THE TRUSTED ROOT… then click OK
  13. Repeat steps 10 to 12 for the RD WEB ACCESS and RD GATEWAY
  14. Have a nice day
Categories: Windows Server
Tags:

2 Comments

Hellen · November 22, 2022 at 4:32 pm

There is something in this. I will know, thank you very much for your help in this matter.

Reply

Randy · March 29, 2019 at 9:51 am

Thanks so much for this and a couple other related articles. Once Google helped me find them I had all my questions answered and certificates set up on our RDS server. I appreciate this!!!

Reply

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts

Step By Step - How to Remove Public IP Addresses From Azure

SOLVED: VIDEO: How To Remove Public IP Address & Save Money In Azure

In this short Azure tutorial we demonstrate how to remove static addresses from Azure virtual machines. In particular, we show how to remove static public IP addresses. 0:00 Introduction0:24 Why Remove Public IP Addresses0:44 How Read more…

windows powershell at work - man in front of screens

SOLVED: Discover Your PowerShell Version, Learn How to Upgrade PowerShell, & Explore the Latest Features in PowerShell

Windows PowerShell gets better all the time and Microsoft offers a major new release about every three years. Here are all of the things you need to know about the version of PowerShell. Command To Read more…

Simple PowerShell Command to List Size of Each Users Recycle Bin and total

SOLVED: Simple PowerShell Command to List Size of Each Users Recycle Bin & Total

Do you need to create a list table showing the size of each user’s recycle bin and then a total of all the disk space used on Recycle Bins? Well if so, this is the Read more…