
Ondrej Sevecek's English Pages


Comments: easiest script

Engineering and troubleshooting by Directory Master!
MCM: Directory



Title

easiest script

Author

Oliver Wilcock

Body

If you make Terminal Server forget the old/archived certificate then it finds the new certificate and works.  This seems to be safe and is instantly effective.  No need to restart services or reboot following the change.  The below command does it and reveals the registry value that can be deleted.

reg.exe delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations" /v "TemplateCertificate" /f

There are many misdirecting error messages associated with this problem.  I was seeing "The computer requires Network Level Authentication, which your computer doesn't support." at the client.
The server would concurrently show system event log Schannel event ID 36870: "A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030d. The internal error state is 10001."
Alternately, if NLA wasn't required, the client would complain that it was unable to verify the server.


Created at 24/05/2018 15:02 by  
Last modified at 24/05/2018 15:02 by
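
The fix described in the comment above, wrapped in a guarded PowerShell function as an added example (not part of the original comment or the blog author's code). It confirms the Schannel 36870 / 0x8009030d symptom first, backs up the WinStations key, and only then deletes the value. The function name, backup path and look-back window are assumptions; run it elevated.

```powershell
# Added example. Function name, backup path and look-back window are hypothetical.
function Reset-RdpTemplateCertificate {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string]$BackupPath = "$env:TEMP\WinStations-backup.reg",  # assumed location
        [int]$LookbackHours = 24                                   # assumed window
    )

    $psKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations'
    $nativeKey = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations'
    $valueName = 'TemplateCertificate'

    # 1. Symptom check: Schannel event 36870 with error code 0x8009030d in the System log.
    $hits = Get-WinEvent -FilterHashtable @{
        LogName      = 'System'
        ProviderName = 'Schannel'
        Id           = 36870
        StartTime    = (Get-Date).AddHours(-$LookbackHours)
    } -ErrorAction SilentlyContinue | Where-Object { $_.Message -match '0x8009030d' }

    if (-not $hits) {
        Write-Warning "No Schannel 36870 / 0x8009030d events in the last $LookbackHours h; leaving the registry untouched."
        return
    }
    Write-Verbose ("Found {0} matching event(s), latest at {1}" -f @($hits).Count, @($hits)[0].TimeCreated)

    # 2. Is the value present at all?
    $current = Get-ItemProperty -Path $psKey -Name $valueName -ErrorAction SilentlyContinue
    if (-not $current) {
        Write-Warning "$valueName is not set under WinStations; nothing to delete."
        return
    }

    if ($PSCmdlet.ShouldProcess("$nativeKey\$valueName", 'Back up key and delete value')) {
        # 3. Export the key so the change can be reverted with 'reg.exe import'.
        & reg.exe export $nativeKey $BackupPath /y | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "Backup to $BackupPath failed; value not deleted." }

        # 4. Same effect as the reg.exe delete command in the comment.
        Remove-ItemProperty -Path $psKey -Name $valueName -ErrorAction Stop
        Write-Output "Deleted $valueName. Backup saved to $BackupPath."
    }
}

# Dry run first: Reset-RdpTemplateCertificate -WhatIf -Verbose
```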