Fix CredSSP Encryption Oracle Remediation Error in Remote Desktop
May 2018 update for Windows 10 changed the CredSSP authentication protocol and updated default settings from Vulnerable to Mitigated. This caused issues in Remote Desktop connection with unpatched systems. While connecting to an unpatched system, Windows 10 or Windows 11 users may get the CredSSP Encryption Oracle Remediation error.
An authentication error has occurred. The function requested is not supported. Remote computer: <computer name or IP>. This could be due to CredSSP encryption oracle remediation. For more information, see https://go.microsoft.com/fwlink/?linkid=866660.
You see the above error when an insecure RDP connection is blocked by an Encryption Oracle Remediation policy setting on the server or client. This setting decides how to establish an RDP session by using CredSSP.
SEE ALSO: How to Disable Microsoft Defender (Windows Security) in Windows 10 and 11?
Solve CredSSP Encryption Oracle Remediation error in Remote Desktop Connection
A better and recommended solution for this problem is to patch all systems with the latest Windows patch. However, it may not be possible for you to patch the remote system in every case.
There is a good workaround available to fix the CredSSP Encryption error in the Remote Desktop connection. This fix can be done by using Group Policy Editor and Registry Editor both.
A) Group Policy Method to Fix CredSSP Encryption Error in RDP Connection
The Group Policy Editor is not enabled on Windows 10 Home by default. So, if you are using Windows 10 Home, you can try the Registry Editor method as well. Just make sure Remote Desktop Connection is enabled on the computer you are taking remote control of. Let’s start with the Group Policy Editor method first.
Step 1: Open Local Group Policy Editor
First of all, you need to open Group Policy Editor on your computer. So, go to RUN, type gpedit.msc and press Enter.
The Local Group Policy Editor window will open. Here, you can configure local policies for your computer.
Step 2: Go to Credentials Delegation in Group Policy Editor
In Local Group Policy Editor, go this path:
Computer Configuration\Administrative Templates\System\Credentials Delegation
You will find the Encryption Oracle Remediation policy setting on the right side. We will use this setting to fix the “CredSSP Encryption Oracle Remediation” error in the RDP connection.
Step 3: Change Policy Setting to Fix CredSSP Encryption Oracle Remediation Error
On the right pane, double-click the Encryption Oracle Remediation policy setting. Now, change the Encryption Oracle Remediation policy to Enabled. After that, set Protection Level to Vulnerable and click Apply then OK.
Now, you can close the Group Policy Editor window. You can now connect to an un-patched system without any CredSSP encryption Oracle remediation errors.
SEE ALSO: How to Share Printer on LAN Network in Windows?
B) Fix CredSSP Encryption Oracle Remediation error using Registry Editor
Let’s check the Registry Editor method as well. You can also make the same changes by using the Registry Editor. But we will have to create a few Registry Keys to do that. Let’s check the steps.
Step 1: Open Registry Editor
First of all, open Registry Editor. In order to open Registry Editor, go to RUN, type regedit and press Enter.
Registry Editor windows will open.
Step 2: Create the required CredSSP Keys in the Registry
Go to the following location in Registry Editor:
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System
Here, you have to create two Keys named CredSSP and Parameters under System. To do that, right-click on the System key and select New Key.
Name this new key as CredSSP as shown below.
Similarly, create a new key under CredSSP. Simply, right-click on the newly created CredSSP key and select New Key. Name this new key as Parameters.
Step 3: Create DWORD to Fix CredSSP Encryption Oracle Remediation Error
After creating the Parameters Key, select it. Now, right-click in the blank space on the right side and select New > DWORD (32-bit) Value.
Name this new DWORD as AllowEncryptionOracle.
AllowEncryptionOracleNow Modify the value of this DWORD to 2 to fix the CredSSP encryption oracle remediation error.
Alternate Method:
You can also use the command prompt to modify registry settings and make required changes. Open the Command Prompt window as Administrator and run the following command to add a registry value:
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2
SEE ALSO: 10 Cool Command Prompt Tricks for you.
Fix CredSSP Encryption Oracle Remediation Authentication Error in RDP
Now you have successfully bypassed the Encryption Oracle Remediation security. You can now connect to unpatched systems without the CredSSP Encryption authentication error. However, we recommend you patch all your servers and client systems with the latest security patches.
You can check this link for more details on the CredSSP error on the Microsoft website. Share your thoughts and queries in the comment section below.
