none
Remote Desktop brings certificate error RRS feed

  • Question

  •  

    Hello !

    The Remote Desktop on my VISTA 32 machine was connection to my 2008 64 bit PDC via Remote Desktop ever since installed and configured in the Firwall correctly, it recently started to fail.

     

    << Remote Desktop cannot connect to the remote computer because the authentication certificate recieved from the remote computer is expired or invalid.>>

     

    I first thought there might be a time difference between my PDC and the Workstation, but it is not.

     

    Can anybody tell me how to configure things to get connection again?

    Please reply to clemens.liegler@ados.com ...

     

    Regards, Clemens

    Thursday, October 2, 2008 10:53 AM

Answers

  • Hello!

     

    The problem can be solved by deleting the certificate, which had expired, in the Local Computer certificate database in the section Remote Desktopon the PDC.

    After this, no new certificate is created, however it works now again. I am not totaly sure if this is to be seen as a solution for the problem. I tried hard to create a new certificate, but finally gave up. Maybe someone has experience with this.

     

    regards,

    Wednesday, October 15, 2008 3:21 AM
  •  

    Hi Clemens, on the server computer, have you tried this setting:

     

    1.       Click start, type sysdm.cpl in start search, and press Enter.

    2.       Under Remote tab, choose "Allow connections from computers running any versions of Remote Desktop"

    3.       Click OK.

    4.       Then, please try again.

     

    Meanwhile, can you connect to other computers via RDP?

    Monday, October 6, 2008 6:21 AM
    Moderator

All replies

  •  

    Hi Clemens, on the server computer, have you tried this setting:

     

    1.       Click start, type sysdm.cpl in start search, and press Enter.

    2.       Under Remote tab, choose "Allow connections from computers running any versions of Remote Desktop"

    3.       Click OK.

    4.       Then, please try again.

     

    Meanwhile, can you connect to other computers via RDP?

    Monday, October 6, 2008 6:21 AM
    Moderator
  • Hi!

    Just returned from Boston, MA to Europe ... Thanks for the answer meanwhile.

     

    The computer is a PDC, so the 'Allow Connections from Computers running any version of Remote Desktop' is not selectable.

     

    Yes, I can connect to other Servers using RDP without problems. As I say'd the problem occurs suddenly, it did work before.

     

    Regards, Clemens 

    Saturday, October 11, 2008 10:32 AM
  • Hi Clemens, thanks for the update. For the current issue, if you have already made sure time was set correctly on both computers, you can also check if time zone is set correctly. Make sure time zone is set correctly, synchronize time on both computers and let’s see the result.

    Monday, October 13, 2008 3:25 AM
    Moderator
  • Hello!

    I just did another verification. Settings on PDC and Workstation are identical. Time settings and Regional Settings. I do fear that there is something wrong with the Certification Administration but I see no way to find out how to verify the current status. However the whole story is strange.

     

    Connecting the the PDC using Remotely Anywhere over https works fine. Does RA not use the same certification methods?

    Clemens
    Tuesday, October 14, 2008 7:13 AM
  • Hello!

     

    The problem can be solved by deleting the certificate, which had expired, in the Local Computer certificate database in the section Remote Desktopon the PDC.

    After this, no new certificate is created, however it works now again. I am not totaly sure if this is to be seen as a solution for the problem. I tried hard to create a new certificate, but finally gave up. Maybe someone has experience with this.

     

    regards,

    Wednesday, October 15, 2008 3:21 AM
  • I am having the same issue as everyone else.  I've confirmed that both domain controllers and the client machine all have the EXACT same time, but I still can't login.  There must be another way to fix this.
    Thursday, October 23, 2008 8:41 PM
  • Hey All,

     

    You can treat this error through two ways:

     

    1.       Is to issue a valid certificate that’s from a trusted root CA trusted by the client machines (which is the recommended action as it’s more secure). To do this follow the steps below:

     

    ·         Issue the required TS certificate from trusted CA, and install it in the local computer store on TS server.

    ·         Open Terminal services configuration.

    ·         Right click RDP-tcp then Properties.

    ·         On General Tab you ll find certificates section click select and choose the certificate you have installed.

     

    2.        Is to tell the Terminal service server to not negotiate security layer for with the RDP clients and make it RDP security layer. To do this follow the steps below:

     

    ·         Open Terminal services configuration.

    ·         Right click RDP-tcp then Properties.

    ·         On General Tab change security layer from negotiate to RDP security layer.

     

    Good luck,

    Tamer Sherif

     

    • Proposed as answer by R0m4n Wednesday, August 1, 2012 3:41 PM
    Sunday, November 2, 2008 1:02 PM
  • This worked for me.  The problem was that the BIOS battery is dead so when the machine was created it had a date of October 22, 2002 so the certificate was set to expire in 2004.  When the date was properly set to June 2009 the certificate was expired. 
    Thursday, June 18, 2009 1:05 AM
  • I did much the same as Clemens Liegler above, however before I deleted the certificate I exported it ( just in case ) and the certificate error then disapperared. I then Re-imported the same certificate and miraculously it now had another 6 months on it and still worked ! Dont know why,  but it got around the problem !
    Wednesday, August 19, 2009 12:13 PM
  • Hello Tamer

    Tried your suggestion nr 2 and it solved my problem.

    Thanks

    Friday, February 5, 2010 2:24 PM
  • I received a trusted root CA (GoDaddy) certificate, signed the RemoteApps with it fine but ran into an issue with the Remote Desktop server's certificate and Tamer's suggestion worked great in resolving it.

    ·Issue the required TS certificate from trusted CA, and install it in the local computer store on TS server.

    ·Open Terminal services configuration.

    ·Right click RDP-tcp then Properties.

    ·On General Tab you’ll find certificates section click select and choose the certificate you have installed.

     

    Thanks, Tamer.

    • Proposed as answer by jlongjr Thursday, September 1, 2011 4:54 AM
    Friday, April 29, 2011 1:51 PM
  • Thanks Dear

    it was highly helpful God Bless You

    Tuesday, September 4, 2012 2:41 PM