connection terminated unexpected server authentication certificate windows 10

Copper Contributor

Hi Team, 

 

My windows 10 users keep getting this error message many times when they try to log into RDP sessions.

They get this error for about 7 times then logged in.

 

I've looked around but don't have a good answer or findings.

The connection has been terminated because an unexpected server authentication certificate was received from the remote computer.

Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.

 

Were on 1903 

 

10 Replies

@jvalois 

Is there anything in the Eventlog on the machine they are RDPing to?  

Is the machine they are RDPing to also Windows 10 1903 or are they connecting to and RDSH server?

@PaulaSillarsWindows server 2008 SP1 

The description for Event ID 54 from source RDPDR cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.
If the event originated on another computer, the display information had to be saved with the event.
The following information was included with the event:
\Device\RdpDrDvMgr
 
The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 10.1.2.34.
 
This is what I get from the event viewer, is there another place I can look at?
Hi,
can you remember what exactly triggered this issue? like after changing something on the server or installing a new role or program on it? or did the problem suddenly started happening?

@jvalois Is it a virtual server or physical? 

 

Is the issue related to loading of users onto the server?

 

Also, try changing the remote desktop setting on the server to allow connections from a computer running any version of Remote Desktop (less secure) to see whether the issue still exists.  I did see this a few months back with an update.

1. Click the Windows or Start button and type "certmgr.msc". This will start the Certificate Manager.

2. Click on Action | Find Certificates and type "Safeguard" in the Contains field and click on the Find Now button.

3. The results should be displayed below, expand the Issue To column and select (to highlight) SafeguardCluster.

4. Right-click and select Delete.

5. Click Yes on the questions.

@PaulaSillars 

@jvalois had similar issue on Terminal server (2008R2) logging in from Win 10 1903. found out it was being caused by the RDP certificate. regenerated the Certificate and issue was resolved for us. 

@jvalois 

I found solution as IP conflict remote machine with other VM.

The steps you are providing: are you doing this on the RD server or on the Windows 10 client?

@SamK50 

I have the same issue, only I'm running a 5-server RD farm. I have several users with the exact same laptop running the exact same image. The laptops are configured to only allow the user to get into a remote desktop session through an RD broker server. One and only one of these laptops is exhibiting this error. I have tried reimaging the laptop but to no avail. The RD environment is using only self-signed certificates that are automatically implemented by RD services. I'm at a loss as to where else to look. What could be so "special" about this one laptop?

@jvalois I faced the same issue but I could get over the issue by following the below steps :

sandeeprajaiah_1-1682433874360.png


In the remote desktop connection dialogue box, Click on Experience and uncheck 2 options 
- Persistent bitmap caching 
- Reconnect if the Connection is dropped 

Clearing the cache would solve the issue. 

sandeeprajaiah_2-1682433918572.png

 

sandeeprajaiah_0-1682433607692.png


Worth giving it a try...!