
When connecting to a target using Remote RDP in PRA Cloud, we are encountering certificate warnings. I understand this is expected when using self-signed certificates. However, if connecting to a server with a CA-signed certificate issued by the organisation, these warnings should not appear.

Could anyone clarify:

  • What steps are required to ensure CA-signed certificates are properly recognised during RDP connections?
  • Do we need to provide BeyondTrust with a CA-signed certificate, or is this entirely dependent on the operating system’s certificate store on the user’s device?


Additionally, the documentation states that certificates stored in the operating system are trusted. Does this refer to the certificate store on the user’s local machine, or the machine where the Jumpoint resides?

Hello LeeAtkison, you mention you are ‘...connecting to a server with a CA-signed certificate issued by the organisation...’ Overall, this means the Certificate is not a Public CA Trusted Certificate, and thus will most likely be considered untrusted from any device external to your own organisation. All Public CA Trusted Certificates are stored in each machine's own Trusted Certificate Store.

Looking through some Microsoft documentation on how to stop those types of warnings, it is very likely you’ll need to update your certificate and deploy it to both Jumpoint and Endpoint machines in their Trust Certificate Stores.

 


Thanks Phil - so that answers my question. It’s dependent on the trusted CAs on the operating system of the user connecting to the Jumpoint. Third parties will always get this error message being external and not having the CA in their trusted stores.
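
The trust-store question discussed in this thread can be checked per machine. The following is an added example, not part of the original posts and not BeyondTrust or Microsoft code: it reports whether a certificate exported from the RDP target chains to a root that the machine it runs on trusts. The function name `Test-RdpCertTrust` and the file `rdp-target.cer` are hypothetical; run it on each machine whose store you want to compare.

```powershell
# Added example. Assumes the RDP target's certificate was exported to a .cer file.
function Test-RdpCertTrust {
    param([Parameter(Mandatory)][string]$CertPath)

    $ns    = 'System.Security.Cryptography.X509Certificates'
    $cert  = New-Object -TypeName "$ns.X509Certificate2" -ArgumentList (Resolve-Path $CertPath).Path
    $chain = New-Object -TypeName "$ns.X509Chain"

    # Skip revocation so the result reflects trust-store contents only,
    # not whether this machine can reach the CA's CRL/OCSP endpoints.
    $chain.ChainPolicy.RevocationMode = 'NoCheck'

    # Build() returns $true only if the chain ends in a root this machine trusts.
    $trusted = $chain.Build($cert)

    # The last chain element is the highest issuer Windows could locate locally.
    $top = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
    $inRoot = [bool](Get-ChildItem Cert:\LocalMachine\Root, Cert:\CurrentUser\Root |
        Where-Object Thumbprint -eq $top.Thumbprint)

    [pscustomobject]@{
        Machine        = $env:COMPUTERNAME
        Subject        = $cert.Subject
        Issuer         = $cert.Issuer
        NotAfter       = $cert.NotAfter
        ChainTrusted   = $trusted
        TopOfChain     = $top.Subject
        TopInRootStore = $inRoot
        # Typical failures: UntrustedRoot (root CA not in the Root store),
        # PartialChain (an intermediate CA certificate is missing).
        ChainStatus    = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
    }
}

Test-RdpCertTrust -CertPath .\rdp-target.cer
```

A machine that returns `ChainTrusted = False` with `UntrustedRoot` or `PartialChain` does not have the organisation's CA chain installed, which is the condition the replies above describe.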

