Resigning the RDP signature. Windows Server

Resigning the RDP signature. Windows Server

May 14th, 2013 // 5:04 pm @

This quick guide will help you to fix the error message that a RDP user will see if they are using a RDP hosted software, which in my case was Spectra, and Caseware.

Error Message:

The digital signature of the RDP file could not be verified

This is a really simple issue, but yet frustrating. The reason that you see this message is most likely your certificate expiry date. So we will create a new cert, remove the old one and update cert link with Server manager ( ATT: it’s very important to update the link, or else it won’t make a difference)


  1. Open an MMC console on the RemoteApp server. (type MMC in the command bar)
  2. Press CTRL+M or File > Add/Remove Snap-In
  3. Select Certificates from the Snap-in list and click the Add button.
  4. Under “Cert sanp-in” window, choose Computer Account > Next > Check ” Local Computer ….. ” option > hit OK
  5. Expand Certificates (Local Computer) > Personal and right-click on Certificates
  6. Select All Tasks > Request New Certificate… ( The Cert Wizard will start)
  7. Request a new Computer certificate. ( Follow instructions)
  8. Now, you will see the new cert in your cert list. OPTIONAL  : you may remove the old one. ( Make sure you are removing the correct cert, by checking their expiry dates)
  9. Launch the Server Manager from Start > All Programs > Administrative Tools > Server Manager
  10. Wait until server collects the roles data
  11. Expand Roles > Remote Desktop Services > RemoteApp Manager (YOUR SERVER NAME) .
  12. From RemoteApp Program (bottom-middle pane) highlight the target software.
  13. From Top-Right pane, click on “Digital Signature Setting”
  14. Hit Change, you should see a list of current certs, along with their validation period (From- To)
  15. Choose the newly generated cert, then OK > OK
  16. This should fix the issue, now this will apply to all other programs under “RemoteApp Programs”. 99.99% that should be the case, but for any reason if you need to do otherwise, you have to override each option seprately


You all have fun now!


Category : Common Techniques

2 Comments → “Resigning the RDP signature. Windows Server”

  1. Francis

    10 years ago

    Hey Arad,
    Would this work if I create the signature on Windows then transfer the .CRS to my Linux server? I am Using Ubuntu, but my siging server is a Windows.

    btw, you have great website.
    Cheers mate

    • Arad Gharagozli

      10 years ago

      Hey Francis,
      I think you mean the CSR file not CRS. as long as you are using them for the same domain you should be good, however it wont be as easy as just copy/pasting the .key file. you need to match the headers. I’ll email you the instruction on how to do that.
      It’ll be tomorrow though, I’m heading home 😛


On LinkedIn



"I have no special talent.
I am only passionately
Albert Einstein

Subscribe Now