I often saw the error message “The identity of the remote computer cannot be verified.Do you want to connect anyway?“, when I was connecting the Windows Server from my workstation using RDP client.
From the details in the error prompt, I could understand that the RDP client is trying to validate the remote server’s certificate. The RDP client throws error prompt when it could not trust the certificate. The good thing is, the RDP client allows us to bypass the certificate validation and connect to the server any way.
The Ideal solution for this is to apply the correct certificate on the server. The Microsoft support article https://support.microsoft.com/en-us/help/2000960/you-receive-various-certificate-related-error-messages-when-connecting explains how to verify the selected certificate on the server.
In my case, I don’t have the control over the servers. But I’m sure the servers I connect, are trust worthy. So, It is annoying to see this error message every time when I connect to the servers. And, every time I have to select the check box “Don’t ask me again for connecting this computer“.
On searching the web, I came across an article on bypassing this error prompt. Below are the steps I’ve followed to bypass the RDP certificate check error. The registry setting should done in the workstation. No need to change anything on the server. I’m just presenting the fix identified by Scott in a step by step way, to make it simple for everyone. This fix worked for my Windows 8 workstation. The servers, I often connect are Windows Server 2008 and Windows Server 2008 R2. I’m no more seeing the error prompt.
NOTE: Please make sure the servers you remote desktop is trust worthy, before adding this registry entry to bypass the prompt.
Bypassing identity of the remote computer verification:
- In your workstation, go to run command prompt.
- Type in regedit and hit enter button. The registry editor window will open.
- In the registry editor window, go to HKEY_LOCAL_MACHINE –> Software –> Microsoft –> Terminal Server Client.
- Right click Terminal Server Client and select New and then select DWORD.
- Name the new DWORD entity as AuthenticationLevelOverride.
- Edit AuthenticationLevelOverride and make sure the value is 0.
- Close the Regedit.
- Now try to remote in to the same server using the remote desktop client.
The credit for this fix goes to Scott.
Related
- Read the article on the technique to activate multiple RDP sessions for the same windows user.
Thank you !!!!!!!!!!!!!!!
Thank you so much ..Its working .:-)
Dear Sir,
You saved my life! I cannot thank you enough for this “little” trick. Hours to be able to connect to my other PCs under W7 from my new (boringly restricted) W10 PC.
Thank you very very much.
Wow, thanks a lot for this fix! This worked great!
Thanks a lot !
It was very useful.
Thank you very much! I love one line fixes that solve my problems.
If you have a RD Connection Broker you can create a Kerberos identity for the RDS farm which will also eliminate these certificate errors. See https://cloudblogs.microsoft.com/enterprisemobility/2009/05/20/creating-kerberos-identity-for-rd-session-host-farms-part-i-using-the-remote-desktop-services-provider-for-windows-powershell/ for instructions