Third-party security suites can suddenly start blocking RDP after an update.
Locate , switch it to Enabled , and select RDP from the drop-down menu.
Log into the host machine locally or via an alternative tool. Run certlm.msc to open the certificate manager. Navigate to . If the certificate is expired, Delete it.
locally or through another remote method. Third-party security suites can suddenly start blocking RDP
Did this error start happening , or has it been a gradual issue over your network? Share public link
: The "Remote Desktop" app available in the Microsoft Store uses a different networking stack and often bypasses the 0x904 error found in the built-in mstsc.exe client. Azure VM Specific Fix
: Ensure your network is set to Private rather than Public, as Public profiles often have stricter inbound rules. 2. Configure Firewall Permissions Run certlm
If the basic fixes above don't resolve the issue, use these advanced strategies to pinpoint the exact cause.
Check the expiration date. If expired, delete the old certificate.
The Remote Desktop error code (Extended Error ) typically signals a network-level disconnect or a security handshake failure. It often surfaces during unstable connections, when VPN speeds drop, or due to expired RDP certificates. locally or through another remote method
Antivirus, firewall, or security software (e.g., Bitdefender) is blocking RDP traffic.
Rename-Item -Path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" -NewName "MachineKeys_old" Use code with caution.
Click on the left menu. Click the Change settings button at the top right. Scroll down to find Remote Desktop . Check both the Private and Public checkboxes next to it. Click OK to save the changes. Verify Listening Port 3389
If you have administrative access to the target machine, you can force it to use a more compatible security layer. Open Group Policy Editor ( gpedit.msc ) and navigate to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security . Find the policy "Require use of specific security layer for remote (RDP) connections," enable it, and set the "Security Layer" to RDP . This disables Network Level Authentication (NLA) and often bypasses the 0x904 error.
Below are the most effective solutions for resolving this error: 1. Fix Expired or Corrupt RDP Certificates