Windows 10: The server you are connected to is using a certificate that can not be verified. The target...

Discus and support The server you are connected to is using a certificate that can not be verified. The target... in Windows 10 BSOD Crashes and Debugging to solve the problem; I get the following message and don't understand what it means or how I can correct it. I need help! "The server you are connected to is using a... Discussion in 'Windows 10 BSOD Crashes and Debugging' started by Joe Portugal, Feb 12, 2020.

  1. The server you are connected to is using a certificate that can not be verified. The target...


    I get the following message and don't understand what it means or how I can correct it. I need help!


    "The server you are connected to is using a certificate that can not be verified. The target principal name is incorrect. View certificate. Do you want to continue using this server? Yes No"

    :)
     
    Joe Portugal, Feb 12, 2020
    #1
  2. gogoud Win User

    How to provide a verified server certificate for Remote Desktop (RDP) connections to Windows 10

    You can set this host machine to use and present your (existing, purchased) externally-verified SSL certificate thus (instructions probably also work for Windows 8 & 8.1, may or may not work for Windows 7) (parts of this based on a Microsoft KB 2001849):

    First, you need to have purchased a genuine verified ssl certificate.

    If you have this certificate in pkcs12 format file (e.g. pfx extension) you can view SHA1 fingerprint using Linux or Cygwin thus (you will need it below):

    Alternatively if you have the individual certificate files in your Linux server at /etc/ssl (/etc/ssl/certs/mysite.crt, /etc/ssl/mysite.ca-bundle and /etc/ssl/private/mysite.key) you can create pfx file and obtain SHA1 fingerprint thus:

    1. Create pfx file for your certificate, if you don’t already have one (here: mysite.pfx) – set a good password when requested:
      sudo openssl pkcs12 -export -out mysite.pfx -inkey /etc/ssl/private/mysite.pem -in /etc/ssl/certs/mysite.crt -certfile /etc/ssl/mysite.ca-bundle
    2. Move or copy this pfx file as required so that it is accessible by your Windows host machine.
    3. View SHA1 fingerprint of the key (you will need this below):
      openssl x509 -in /etc/ssl/certs/mysite.crt -noout -fingerprint

    Import pkcs12 format (e.g. pfx) file into Windows host machine’s personal certificates store:

    1. Start/Run/mmc
    2. File/Add Remove Snap-in/Certficates/Add/Computer Account/Local Computer/OK
    3. In the left-hand window right-click on Certificates (Local Computer)/Personal, choose All Tasks/Import…
    4. Locate the pfx file and import it, I suggest that for security reasons you don’t make it exportable.
    5. Expanding your Personal/Certificates you should now see 3 certificates, one of which is your site certificate (e.g. mysite.com). Right-click on this site certificate and right-click, choose All Tasks / Manage Private Keys…
    6. Add user ‘NETWORK SERVICE’ with Read permission only (not Full Control), then Apply
    7. Close mmc

    Use regedit to add a new Binary Value called SSLCertificateSHA1Hash at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp. The value it needs is the SHA1 fingerprint of the certificate obtained above: right-click on the new value, choose Modify and then type in the hex codes sequentially (without colons or spaces or commas, letters are not case-sensitive) – there are 20 hex pairs in all (40 characters).

    You may need to reboot the host machine, or restart Remote Desktop Services (from Services.msc) before it will work.

    Now, after making a remote desktop connection to this host using the correct site name (e.g. mysite.com) you should see a locked padlock on the left-hand side of the top connection bar: clicking on this shows that the identity of the remote computer was verified. A port that is open from the internet through to this host should now pass PCI-DSS 3.1 hostname testing.
     
    gogoud, Feb 12, 2020
    #2
  3. gogoud Win User
    How to provide a verified server certificate for Remote Desktop (RDP) connections to Windows 10

    We have a Windows 10 Pro machine at our office which has an open port to the internet for incoming remote desktop connections (a ‘host’). It is well protected by complex password and limited number of permitted attempts and only TLS 1.1 or higher, but it doesn't present an externally-verified SSL certificate, only the self-generated self-signed one that Remote Desktop Services provides, and this gives us two problems:

    1. We cannot be fully confident when connecting remotely we really are connecting to this machine and not some hijacked connection.
    2. Our site fails PCI-DSS 3.1 compliance check (required because we use there a point-of-sale debit/credit card machine that connects via internet). The check reports fatal errors on this internet-facing remote desktop port: 'SSL Self-Signed Certificate' and 'SSL Certificate with Wrong Hostname'.

    How do I get a Windows 10 Pro (or Windows 7 / 8 / 8.1 Pro) machine acting as server/host to present a proper SSL certificate for Remote Desktop verification?
     
    gogoud, Feb 12, 2020
    #3
  4. The server you are connected to is using a certificate that can not be verified. The target...

    Server certification failed,could not connect to server

    Server certification failed. Can not connect to server, no certificate on simply or phone, whatsapp,chat,nokia mail,ovi suite not working on my Nokia x2- 01
     
    Himanshu1---01, Feb 12, 2020
    #4
Thema:

The server you are connected to is using a certificate that can not be verified. The target...

Loading...
  1. The server you are connected to is using a certificate that can not be verified. The target... - Similar Threads - server are connected

  2. Does Kerberos S4U with a certificate verify the certificate

    in Windows 10 Gaming
    Does Kerberos S4U with a certificate verify the certificate: We are attempting verify an Active Directory machine account, using Kerberos S4U with a Certificate.The client sends the public part of a provisioned certificate to a remote server. The server then attempts to locate the machine account using Kerberos S4U with the public...
  3. Does Kerberos S4U with a certificate verify the certificate

    in Windows 10 Software and Apps
    Does Kerberos S4U with a certificate verify the certificate: We are attempting verify an Active Directory machine account, using Kerberos S4U with a Certificate.The client sends the public part of a provisioned certificate to a remote server. The server then attempts to locate the machine account using Kerberos S4U with the public...
  4. Is ADO Pipeline "Powershell on target machine" able to connect to destination server using...

    in Windows 10 Gaming
    Is ADO Pipeline "Powershell on target machine" able to connect to destination server using...: To restrict the WinRM, we usually disable all default endpoint to connect remotely with Local\Network Deny permission for each endpoint.For who wish to use WinRM, we always create customize sessionconfiguration for specify account to connect.However, I cannot find a way for...
  5. Is ADO Pipeline "Powershell on target machine" able to connect to destination server using...

    in Windows 10 Software and Apps
    Is ADO Pipeline "Powershell on target machine" able to connect to destination server using...: To restrict the WinRM, we usually disable all default endpoint to connect remotely with Local\Network Deny permission for each endpoint.For who wish to use WinRM, we always create customize sessionconfiguration for specify account to connect.However, I cannot find a way for...
  6. Can you use the Server Manager to manage Windows 8.1 server

    in Windows 10 Software and Apps
    Can you use the Server Manager to manage Windows 8.1 server: I have a windows 8.1 server Not windows server 2012 or 2016 that I would like to manage using the server Manager. The server is just a home server for plex and file sharing. I have tried using RSAT for windows 8.1 remote Server Administration Tool,...
  7. can you use device manager remotely on a Windows 10 target?

    in Windows 10 Gaming
    can you use device manager remotely on a Windows 10 target?: I have a Windows 10 computer. I am trying to use Device Manager on a remote Windows 10 computer.I open up Computer Management and then I right click Computer Management and select Connect to another computer and input the hostname of the target Windows 10 computer.Computer...
  8. can you use device manager remotely on a Windows 10 target?

    in Windows 10 Software and Apps
    can you use device manager remotely on a Windows 10 target?: I have a Windows 10 computer. I am trying to use Device Manager on a remote Windows 10 computer.I open up Computer Management and then I right click Computer Management and select Connect to another computer and input the hostname of the target Windows 10 computer.Computer...
  9. can you use device manager remotely on a Windows 10 target?

    in Windows 10 Drivers and Hardware
    can you use device manager remotely on a Windows 10 target?: I have a Windows 10 computer. I am trying to use Device Manager on a remote Windows 10 computer.I open up Computer Management and then I right click Computer Management and select Connect to another computer and input the hostname of the target Windows 10 computer.Computer...
  10. security certificate not verified.

    in Windows 10 Network and Sharing
    security certificate not verified.: I use outlook for my emails. When I send the first email of the day a dialogue box appears stating that the server I am connected to is using a security certificate that cannot be verified. It states the target principal name is incorrect. Is this a problem with my system...