RDP certificate name mismatch - name in remote certificate ::1

RobM 71 Reputation points
2024-07-04T10:32:11.9933333+00:00

I'm trying to RDP to a Windows 10 computer and I'm getting a name mismatch error stating that it was expecting domain.net.au but the name on the certificate from the remote server was ::1

The background is that this is an Azure joined computer that I couldn't rdp into and after extensive research, the only reason that I could find was that the TPM module needed updating. After updating, I was expecting to have to recreate Windows Hello PINs but I wasn't expecting the tsunami of issues that accompanied it, with one being this.

The primary DNS suffix is set correctly, and the certificate name that RDS server creates is correct. But on the client side, I get the above error. Where is the ::1 (local host) coming from? When I look at subject alternatives in the certificate, it lists ::1 and the IP address of the client computer.

Regards,

RDP certificate name mismatch - name in remote certificate ::1

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,608 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Karlie Weng 18,581 Reputation points Microsoft Vendor
    2024-07-05T02:49:02.5933333+00:00

    Hello,

    You can reinstall the self-signed certificate on your client, making sure it's issued by the same server. If not, consider foregoing SSL authentication by disabling NLA:

    a. Open the gpedit.msc applet.

    b. Go to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security.

    c. Activate the "Require use of specific security layer for remote (RDP) connections" and choose RDP as the Security Layer.

    d. Turn off the "Require user authentication for remote connections by using Network Level Authentication" policy.

    e. Restart the Terminal server.


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.