i am getting below nessus findings on all my servers,kindly suggest for the fixing the below RDP related issues port used by certificates 443 and 3389 51192 SSL Certificate Cannot Be Trusted 57582 SSL Self-Signed Certificate
1
-
51192 SSL Certificate Cannot Be Trusted & 57582 SSL Self-Signed Certificate– bhagwatCommented May 22, 2019 at 6:34
Add a comment
|
1 Answer
Most likely your certificate is not signed by a CA, that is considered trusted by Windows - this can also mean you are using a certificate out of its defined scope (e.g. Certificate marked as usage type "Code Signing" for RDP).
- If you use a self-signed certificate (i.e. a certificate that was signed by your own CA) you have to import the CA certificate into Windows' trusted store.
- If your certificate's scope doesn't contain RDP, you need to create one where it does.
EDIT
You have to trust the CA on the client computers: They are the ones that check the certificate presented by the server for trustworthiness.
answered May 22, 2019 at 6:40
-
-
First you diagnose the problem and find a solution on one server, then you deploy it either manually or via a script. Commented May 22, 2019 at 6:48
-
-
They are in my answer: First of all you need to check the CA signature and usage scope of your certificate. Commented May 22, 2019 at 7:05
-
i have done the needfull,as per you suggetion ,still nessuss giving same vulnarabilities– bhagwatCommented May 22, 2019 at 8:32