Hi
I am trying to sign a RDP after it's creation with the remote app manager, to implement something not available over the GUI (map only particular drives, not every drive into the RDP session). Unfortunately, it does not work:
>rdpsign /sha1 82BF48CF5BE3F8A2275D3C1B7CBA18E501802EB3 remote.rdp
Unable to use the certificate specified for signing. Error Code: 0x80090016
The rdp file could not be signed. Error Code: 0x80090016
Here some thoughts and things I have already tried:
- RemoteApp Manager signs the RDP with my cert
- Cert is with the private key in the local machines store (for troubleshooting copied also with private key to local user store and trusted root store)
- no spaces in thumbprint, no question mark either
- logged in as administrator
- CMD as administrator
The error means:
NTE_BAD_KEYSET 0x80090016 Keyset does not exist
see msdn.microsoft.com/en-us/library/windows/desktop/dd542646(v=vs.85).aspx
The certificate`s key usage has the following configured:
- Digital Signature
- Non-Repudiation
- Key Encipherment (e0)
Enhanced key usage:
- Server Authentication (1.3.6.1.5.5.7.3.1)
- Client Authentication (1.3.6.1.5.5.7.3.2)
- Any Purpose (2.5.29.37.0)
Application Policies:
- [1]Application Certificate Policy:
Policy Identifier=Server Authentication - [2]Application Certificate Policy:
Policy Identifier=Client Authentication - [3]Application Certificate Policy:
Policy Identifier=Any Purpose
So the cert should be right I guess
Any ideas?
Thanks for your support