Earlier, we’ve seen how to create and use Remote Desktop Connection from Windows to other devices in following article:
How to use Remote Desktop feature to connect Windows to other devices
Recently, we were not able to establish Remote Desktop Connection with one of our Windows 10 Pro running machine. Whenever we try to create the connection on this client machine with Remote Desktop gateway, following error appears immediately:
The connection has been terminated because an unexpected server authentication certificate was received from the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.
This issue might occur to due to:
- The server certificate required is either missing or outdated
- Remote Desktop Client Certificate Revocation List (CRL) validation is not working
- Remote Desktop is broken on your Windows 10 client machine
If you’re also victim of this problem, this article is for you. For first cause mentioned above, you may update the certificates installed on the machines. You can check this guide to install the required or missing certificates. For second cause, though you can disable the CRL validation but we don’t recommend doing it from security point of view. For third point, below mentioned fixes should resolve the issue for you:
FIX : The Connection Has Been Terminated Because An Unexpected Server Authentication Certificate Was Received From The Remote Computer In Windows 10/8.1/8/7
FIX 1 – Replace mstsc.exe & mstscax.dll Files
If you’re experiencing this issue after upgrading your Windows 10 to Anniversary Update (Version 1607) or later, then you can fix this problem by replacing Remote Desktop Client files located in System32 folder (viz. C:\Windows\system32). The files are mstsc.exe and mstscax.dll and you need to replace them with similar files from older Windows 10 version (such as Version 1507, Version 1511 etc.).
For your convenience, I’m providing both the files taken from one of my Windows 10 V1507 running machine. Simply download these files and replace them with existing ones on your system. (Tip: rename the existing files to anything or move them elsewhere)
After replacing the files, retry with creating the Remote Desktop Connection and it should work this time.
FIX 2 – Using Registry
Registry Disclaimer: The further steps will involve registry manipulation. Making mistakes while manipulating registry could affect your system adversely. So be careful while editing registry entries and create a System Restore point first.
1. Press + R and put regedit in Run dialog box to open Registry Editor (if you’re not familiar with Registry Editor, then click here). Click OK.
2. In the Registry Editor window, navigate to following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client
3. In the right pane of Terminal Server Client registry key, double click on the RDGClientTransport registry DWORD (REG_DWORD).
4. Finally, set the Value data to 1 and click OK. Close Registry Editor and reboot the machine and retry to connect with Remote Desktop, you should have no issues.
Hope this helps!
Ben Thoele
My Windows 10 machine is patched up to the current 2017-08 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4034674) and I am still experiencing the issue.
Kapil Arya
^^ Have you tried steps mentioned here?
jestrella
You can try Remote Desktop> show options> Advanced> If server authentication fails -> connect and do not warm me up
Kapil Arya
^^ Thanks for your inputs 😊
Adeniyi
While I try to replace the mstsc.exe and mstscax.dll, a dialogue box pop up showing
“You need permission to perform this action”
What should I do?
Kapil Arya
^^ You can click Continue and provide permissions.
Tanoli
Hello,
I don’t see this registry entry, after Microsoft there is no folder called Terminal Server Client? Please, let me know. HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client
Kapil Arya
^^ You can manually create new Terminal Server Client registry key. Right click Microsoft registry key, select New > Key. Then rename it to Terminal Server Client.