The RDP CredSSP Encryption Oracle Remediation error occurs when there’s a mismatch between the security settings of the client and the server, often after a Windows update. This prevents Remote Desktop from establishing a secure connection. To fix it, you can either update both the client and server to the latest Windows patches or adjust the Group Policy/Registry settings to allow connections. Specifically, navigate to Local Group Policy Editor > Computer Configuration > Administrative Templates > System > Credentials Delegation > Encryption Oracle Remediation, then set it to Enabled & select Vulnerable or Mitigated depending on your needs. This resolves the error and restores RDP functionality.
What is CredSSP Encryption Oracle Remediation?
CredSSP is a security support provider used in RDP to securely pass user credentials from the client to the server. The Encryption Oracle Remediation error typically occurs due to security updates and configuration mismatches related to the CredSSP protocol. Microsoft introduced this remediation to address vulnerabilities in the CredSSP protocol that could allow attackers to exploit encrypted credentials.
Why Does the CredSSP Encryption Oracle Remediation Error Occur?
The CredSSP Encryption Oracle Remediation error generally arises for the following reasons:
- Security Patches: Recent security updates may have been applied on the server or client, causing a mismatch in CredSSP configurations.
- Configuration Mismatch: Differences in CredSSP settings between the client and server can prevent successful authentication.
- Outdated Systems: Systems that have not been updated may be incompatible with the latest CredSSP security protocols.
- Group Policy and Registry Settings: Incorrect Group Policy or registry configurations can cause authentication issues.
How to Fix RDP CredSSP Encryption Oracle Remediation Error Step-by-Step Guide
Step-1: Update Windows on Both Client and Server
Ensuring that both the client and server are updated is the first step to resolving the CredSSP Encryption Oracle Remediation error.
- Check for Updates:
- On both the client and server machines, go to Settings > Update & Security > Windows Updates.
- Press on Check for updates & install any available updates.
- Install Updates:
- Restart both machines after installing the updates to ensure all changes take effect.
- Check for Updates:
Step-2: Modify Group Policy Settings
Adjusting Group Policy settings can help resolve CredSSP issues by ensuring that the appropriate security protocols are enforced.
- Open Group Policy Editor:
- Click Win + R to open the Run dialog box.
- Type gpedit.msc & press Enter to open the Group Policy Editor.
- Navigate to CredSSP Policies:
- Go to PC Configuration > Administrative Templates > System > Credentials Delegation.
- Edit Encryption Oracle Remediation Policy:
- Find and double-click on Encryption Oracle Remediation.
- Set the policy to Enabled.
- Under Protection Level, select Vulnerable to allow connections from clients that not updated.
- Click Apply and then OK.
- Update Group Policy:
- Open the Command Prompt as an administrator and type gpupdate /force.
- Press Enter to update the Group Policy settings.
- Open Group Policy Editor:
Step-3: Modify Registry Settings
If adjusting Group Policy settings does not resolve the issue, you may need to modify registry settings.
- Open Registry Editor:
- Click Win + R to open the Run dialog box.
- Write regedit & press Enter to open the Registry Editor.
- Navigate to CredSSP Settings:
- Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters.
- Edit AllowEncryptionOracle:
- Find the AllowEncryptionOracle entry.
- If it does not exist, create a new DWORD (32-bit) Value and name it AllowEncryptionOracle.
- Double-click on AllowEncryptionOracle and set its value data to 2 to allow connections.
- Click OK to save the changes.
- Restart the Computer:
- Restart both the client and server machines for the changes to take effect.
- Open Registry Editor:
Step-4: Verify RDP Configuration
Confirming that the RDP settings are correctly configured helps ensure that connections are established successfully.
- Open Remote Desktop Connection:
- Click Win + R to open the Run dialog box.
- Type mstsc & press Enter to open Remote Desktop Connection.
- Enter the Server Address:
- In the PC field, enter the IP address or hostname of the server.
- Click Connect & enter your credentials if prompted.
- Check Connection:
- If the CredSSP Encryption Oracle Remediation error no longer appears and you connect successfully, the issue resolved.
- Open Remote Desktop Connection:
Also read: How to Fix RDP “Can’t Connect to the Remote Computer Error”
Additional Tips and Considerations
- Backup Registry and System: Always back up your registry and create a system restore point before making changes to system settings.
- Consistent Updates: Ensure that client and server machines regularly updated to prevent future mismatches in CredSSP configurations.
- Security Considerations: Setting the Group Policy to Vulnerable lowers security standards. Once the connection issue resolved, consider adjusting the settings to a more secure level and updating all systems to support it.
Conclusion
Fixing the CredSSP Encryption Oracle Remediation error involves ensuring both client and server systems are up-to-date, adjusting Group Policy settings, modifying registry configurations, and verifying RDP settings. By following these steps, you can resolve the error and restore secure remote desktop connections. Regular maintenance, consistent updates, and careful configuration management are essential to preventing future occurrences and ensuring a smooth and secure remote access experience.
