I was digging around in termsrv.dll yesterday when I noticed that there are some (well 372 to be exact) SSL certificates inside the Terminal Server binary (termsrv.dll):

image

Two of them seem to actually contain the private keys as well, but I am not 100% sure it may be just a certificate in another format.

 

I wrote a small PowerShell script to import these certificates into the personal certificate store so I could inspect them easily:

The certificates appear to be public certificates of root CA’s, I have no idea of their intended purpose (why they need to be inside the termsrv.dll):

image

The keys that were marked as private are these two:

image