Code: Select all
$TSGeneralSetting = Get-WmiObject "Win32_TSGeneralSetting" -ComputerName "." -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'"
$TSGeneralSetting.SSLCertificateSHA1Hash = (Get-ChildItem -Path Cert:\LocalMachine\my | WHERE {$_.Subject -match "[b]CN=mail.example.com[/b]" } | Sort-Object -Descending NotBefore | Select -First 1).Thumbprint
$TSGeneralSetting.put()
I will test it with the certifytheweb client and see if it will autoupdate on cert renew