Fix CredSSP Encryption Oracle Remediation Error

1

It is quite frustrating to see the CredSSP Encryption Oracle Remediation error when you try to connect through the RDP to a Windows Computer. I did got the same problem while trying to establish a remote desktop connection to my virtual private server that runs on Windows Server 2012 R2. After spending sometime to resolve the issue, I got to know the reason of why my Windows 10 computer is popping an error after the recent Windows update. Later I found some workaround for CredSSP fix by doing few tweaks at the group policy editor or to the registry. Let me share the solution with you all about this vulnerability to bypass the error CredSSP Encryption Oracle Remediation.

solve CredSSP Encryption Oracle Remediation

What does CredSSP Encryption Oracle Remediation mean?

The actual error you see when you connect to the RDP connection is

An authentication error has occurred.
The function requested is not supported.
Remote Computer: 192.168.1.1
This could be due to CredSSP encryption oracle remediation.
For more information, see https://go.microsoft.com/fwlink/?linkid=866660.

CredSSP Encryption Oracle Remediation Error

Before knowing the actual fix, it is good to know the reason why you get this kind of message when connecting to the RDP connection.

Generally, in my case, I am using the older version of the Windows operating system on my VPS. When I connect to my VPS from my personal computer which is on Windows 10 Pro, we commonly see this error and is related to data security. The authentication error is because of the operating system compatibility/support. When the destination computer you are connecting to is up-to-date, then you never see this encryption error.

So, now we are bypassing this restriction by enabling few settings or you can patch up the client PC to the latest version of Windows. This is simple to do. Here is the work around!

Solve CredSSP Encryption Oracle Remediation by Group Policy

If you have access to group policy editor, then you can use this method. This works well when you try to connect to AWS, Azure VM or any VPS machine through Windows 10 1803, 7, 8.1, 2008, 2016, etc.

1 Step: Use Windows or Cortana search to find Group Policy Editor (gpedit.msc).

group policy editor

2 Step: Once you have the editor, expand ‘Administrative Templates’ then ‘System’ and here choose ‘Credentials Delegation.’

Local Group Policy Editor Settings

3 Step: Now choose ‘Edit policy Settings’ then ‘Enable’ it and change the protection level to ‘Vulnerable.’

Fix CredSSP Encryption Oracle Remediation

4 Step: Finally, apply the settings then try to connect through the RDP.

This is how you can fix CredSSP Encryption Oracle Remediation by modifying Group policy configuration settings. If you do not have the group policy editor, check the second working method.

CredSSP Fix via RegEdit Setting

This resolution works well if you are using Windows 10 Home Edition where some of the core features are not available for users. So, let’s see how we can disable this error.

1 Step: Search for ‘regedit’ using Cortana search.

regedit

2 Step: Now expand ‘HKEY_LOCAL_MACHINE’ then ‘Software’ then ‘Microsoft’ then ‘Windows’ then ‘CurrentVersion’ then ‘Policies’ then ‘System.’

3 Step: Here you need to create a new Key. So, right click on the ‘System’ folder then choose ‘New Key’ and name it as CredSSP. Again create another ‘Key’ within CredSSP with the name ‘Parameters.’ This look exactly like in the below image.

credssp regedit

4 Step: Inside the Parameters, you need to create a new DWORD value and name it as ‘AllowEncryptionOracle’. Finally, change the DWORD value to 2 and Base to ‘Decimal.’

AllowEncryptionOracle

That is, it. Now you can try connecting to the network RDP from any version of Windows which is getting the error to solve CredSSP Encryption Oracle Remediation.

1 COMMENT

  1. I did both of these steps and still getting the same error.
    Moreover, gpupdate/force fails in cmd.
    The processing of Group Policy failed because of lack of network connectivity to a domain controller.

LEAVE A REPLY

Please enter your comment!
Please enter your name here