linux – Does Microsoft Official RDP Program end to end encrypt data?

Yes, RDP supports encryption between client and server. Remember how it asks for certificate trust when you first connect, and complains when common name in the certificate doesn’t match hostname you entered? This is it.

In general, you use MS AD Certificate Services to issue certificates for server. Then, because AD CA certificates could be distributed to all domain computers, connections from those computers will verify server’s certificates successfully and automatically. The dialog should not appear in this case. This is how it is intended to work.

If you enter IP address of a server to connect to instead of its FQDN, or connect from outside network via address translation, or connect from a computer which doesn’t have CA certificate, this verification is impossible and the confirmation dialog appears.

FreeRDP asks for this confirmation too, showing the details of the remote presented certificate at first connection, and it maintains the list of “confirmed” servers in .config/freerdp/known_hosts2 file, much like ssh client does.