TLS security layer
xrdp is now accepts TLS security layer connections from RDP clients.
in order to use TLS in xrdp server, you will need:
1. an x509 certificate and a private key.
Self-signed certificate can be generated using openssl tool:
example: openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
- you must point xrdp server to the certificate and key files inside xrdp.ini config file:
certificate=<path to certificate file> key_file=<path to key file>
- xrdp's default paths for certificate and key are /etc/xrdp/cert.pem and /etc/xrdp/key.pem
- Note: you may give read permissions on the key file only for root (xrdp is running as root).
in xrdp.ini file, set:
TLS direct connections are not supported by xrdp for now (http://msdn.microsoft.com/en-us/library/cc240799.aspx)