Open an Administrative Command Prompt or PowerShell window and force-restart the RDP services to auto-generate a clean certificate: powershell Restart-Service termserv -Force Use code with caution.
If you'd like to quickly narrow down the cause, check these in order: Open an Administrative Command Prompt or PowerShell window
Use the feature in the Azure Portal to execute this PowerShell command: Rename-Item -path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys" -NewName "MachineKeys_old" . Reboot the VM to allow Windows to rebuild the folder. Open an Administrative Command Prompt or PowerShell window
A common cause in server environments is an expired self-signed RDP certificate that fails to renew automatically. Open an Administrative Command Prompt or PowerShell window
You can also verify these settings via the Microsoft Learn RDP Documentation for enterprise-grade policy adjustments. 3. Clear the RDP Client Cache
If the certificate is not expired, NLA might be causing issues with authentication encryption.