Starting with version 9.20,RDPlus provides an easy to use feature to generate of a free and valid HTTPS certificate.
In 3 mouse clicks you will get a secured valid certificate, renewed automatically, and configured automatically into RDPlus built-in web server.
This feature uses Let’s Encrypt to provide a free and secure HTTPS certificate for your HTTPS connections.
Please ensure that your RDPlus server meet these requirements before using the Free Certificate Manager:
It is not possible to get a certificate for an IP address, be it public or private.
It is not possible to get a certificate for an internal domain name (i.e. a domain which only resolves inside your private network).
To open RDPlus Free Certificate Manager GUI, open RDPlus AdminTool, click on the “Web – HTTPS” tab, then click on “Generate a free valid HTTPS certificate” as shown in the screenshot below:
The Free Certificate Manager GUI will open and remind you about the prerequisites, as shown in the screenshot below:
Please read carefully and check that your server meet all the requirements, then click on the “Next” button.
As shown in the screenshot below, you only need to enter a valid email address.
This email will not be used to spam you. Actually it will not even be sent to RDPlus or any third party, except the certificate issuer: Let’s Encrypt.
They will only contact you if needed, according to their Terms Of Service.
Enter a valid email, then click on the “Next” button.
As shown in the screenshot below, you will be able to open Let’s Encrypt Terms Of Service by clicking on the big button.
To accept these Terms Of Service and continue, check the checkbox and click on the “Next” button.
As shown in the screenshot below, you only need to enter your server’s public domain name.
This is the public Internet accessible Domain Name, something like gateway.your-company.com. You can also enter another domain name or a subdomain name, separated with a comma. Example: “server1.example.com,www.server1example.com”
As explained in the GUI, do not add a protocol prefix and/or a port suffix, just enter the clean domain name(s).
The certificate will be generated for this domain name, and it will only be valid on a web page hosted at this domain name. If your users connect to your Web Portal using https://server1.example.com:1234, then you must enter “server1.example.com”.
RDPlus Free Certificate Manager will now use all the data to connect with Let’s Encrypt, validate that you really own the domain name you typed, and get the matching valid certificate.
Once the program receives the certificate, it will automatically handle all the required file format conversions and softly reload RDPlus built-in web server in order to apply the new certificate to every new connection. The web server is not restarted and no connection is stopped.
Let’s Encrypt certificates are valid for 90 days.
RDPlus will automatically renew the certificate every 60 days for safety. A check is done at every reboot of the Windows server, and then every 24 hours.
You can manually renew your certificate by opening the Free Certificate Manager tool. It will display the domain name of the certificate and its expiration date.
To manually renew your certificate, just click on the “Next” button.
The “Reset Domain” button on this window deletes the SSL certificate and reconfigure the Web Server to its original state before using the Certificate Manager.
If no error occurs, RDPlus will renew the certificate automatically every 60 days. We recommend that you check every 60-70 days that your certificate has been automatically renewed.
We also recommend that you backup at least every month the following folder and its sub-folders:
C:\Program Files (x86)\RDPlus\UserDesktop\files\.lego
This is an internal folder, containing your Let’s Encrypt account private key, as well as the key pair of your certificate.
In case of an error, please contact support and email them the following log file:
C:\Program Files (x86)\RDPlus\UserDesktop\files\.lego\logs\cli.log
This log file (and maybe the other log files in the same folder) should help our support team to investigate and to better understand the issue.
If you want to restore a previously used certificate, go to the folder:
C:\Program Files (x86)\RDPlus\Clients\webserver
It will contain every “cert.jks” files used. These are the “key store” files and we never delete them, we only rename them with the date and time of their disabling.