Credential Security Support Provider Protocol or
CredSSP is a security support protocol that is used to authenticate users via the
SSPI . CredSSP used to delegate a user credential to the remote server by using TLS encrypted channel. Microsoft issues an update in March 2018 to fix CredSSP related vulnerabilities. This update broke the
Remote Desktop Protocol (RDP) log in with the CredSSP. This resulted in a lot of users can not log in to the RDP sessions.
CredSSP Encryption Oracle Remediation Error
If the update is installed and we try to connect to the remote RDP server the following error message is provided with the failure of the RDP connection.
An authentication error has occurred.
The function requested is not supported
Remote computer: <computer name="SRV1">
This could be due to CredSSP encryption oracle remediation.
For more information, see the link
Fix via Computer Cofiguration (Group Policy)
The security update resulted the error. By rolling back this update this error can be fixed but this is not the best even a good way. Because rolling back the update makes the systems vulnerable with the security issues. The
Computer Configuration or
Group Policy can be used to fix this CredSSP error. First open the
Local Group Policy Editor
- Open the Windows Run Box (WIN+R)
gpedit.mscin order to open
- Navigate to the
Encrypt Oracle Remediation.
Encryption Oracle Remediation like below.
In the “Encryption Oracle Remediation” select the
Enabled like below. Then in the
Protection Level select the value
Vulnerable . The last step is clicking to the
Fix via Registery Editor
Another way to fix CredSSP authantication with RDP error is using the registery editor. First open the registery editor by running
regedit in the windows run.
- Open Windows Run (WIN+R)
- In the registry editor navigate to the
- Double click to the key
Allow Encryptionand change the value to 2.