diff --git a/server/proxy/pf_context.c b/server/proxy/pf_context.c
index d5eac6a80..ebe922282 100644
--- a/server/proxy/pf_context.c
+++ b/server/proxy/pf_context.c
@@ -217,9 +217,7 @@ BOOL pf_context_copy_settings(rdpSettings* dst, const rdpSettings* src)
 {
 	BOOL rc = FALSE;
 	rdpSettings* before_copy;
-	const size_t to_revert[] = { FreeRDP_ConfigPath,      FreeRDP_PrivateKeyContent,
-		                         FreeRDP_PrivateKeyFile,  FreeRDP_CertificateFile,
-		                         FreeRDP_CertificateName, FreeRDP_CertificateContent };
+	const size_t to_revert[] = { FreeRDP_ConfigPath, FreeRDP_CertificateName };
 
 	if (!dst || !src)
 		return FALSE;
diff --git a/server/proxy/pf_server.c b/server/proxy/pf_server.c
index d5d7dfb29..d11083795 100644
--- a/server/proxy/pf_server.c
+++ b/server/proxy/pf_server.c
@@ -444,31 +444,38 @@ original_cb:
 
 static BOOL pf_server_initialize_peer_connection(freerdp_peer* peer)
 {
-	pServerContext* ps;
-	rdpSettings* settings;
-	proxyData* pdata;
-	const proxyConfig* config;
-	proxyServer* server;
-
 	WINPR_ASSERT(peer);
 
-	ps = (pServerContext*)peer->context;
+	pServerContext* ps = (pServerContext*)peer->context;
 	if (!ps)
 		return FALSE;
 
-	settings = peer->context->settings;
+	rdpSettings* settings = peer->context->settings;
 	WINPR_ASSERT(settings);
 
-	pdata = proxy_data_new();
+	proxyData* pdata = proxy_data_new();
 	if (!pdata)
 		return FALSE;
-	server = (proxyServer*)peer->ContextExtra;
+	proxyServer* server = (proxyServer*)peer->ContextExtra;
 	WINPR_ASSERT(server);
-
 	proxy_data_set_server_context(pdata, ps);
 
 	pdata->module = server->module;
-	config = pdata->config = server->config;
+	const proxyConfig* config = pdata->config = server->config;
+
+	rdpPrivateKey* key = freerdp_key_new_from_pem(config->PrivateKeyPEM);
+	if (!key)
+		return FALSE;
+
+	if (!freerdp_settings_set_pointer_len(settings, FreeRDP_RdpServerRsaKey, key, 1))
+		return FALSE;
+
+	rdpCertificate* cert = freerdp_certificate_new_from_pem(config->CertificatePEM);
+	if (!cert)
+		return FALSE;
+
+	if (!freerdp_settings_set_pointer_len(settings, FreeRDP_RdpServerCertificate, cert, 1))
+		return FALSE;
 
 	/* currently not supporting GDI orders */
 	ZeroMemory(settings->OrderSupport, 32);
@@ -487,17 +494,6 @@ static BOOL pf_server_initialize_peer_connection(freerdp_peer* peer)
 			return FALSE;
 	}
 
-	if (!freerdp_settings_set_string(settings, FreeRDP_CertificateFile, config->CertificateFile) ||
-	    !freerdp_settings_set_string(settings, FreeRDP_CertificateContent,
-	                                 config->CertificateContent) ||
-	    !freerdp_settings_set_string(settings, FreeRDP_PrivateKeyFile, config->PrivateKeyFile) ||
-	    !freerdp_settings_set_string(settings, FreeRDP_PrivateKeyContent,
-	                                 config->PrivateKeyContent))
-	{
-		PROXY_LOG_ERR(TAG, ps, "Memory allocation failed (strdup)");
-		return FALSE;
-	}
-
 	if (config->RemoteApp)
 	{
 		const UINT32 mask =