Windows 2012 R2 RDP – An internal error has occurred
A few days ago, I received a call from the office that an application owner was not able to connect to one of his servers over Remote Desktop. When I tried with my admin account, I found that RDP was giving the error “An internal error has occurred”; however, I was able to log in to the server console using the vSphere client without any issue. The application team confirmed that no changes had been made on the server from their side; the only thing I remember is that Windows updates were installed 2 days ago. I started troubleshooting and found the following event logged in the System log.
Event ID: 36870, Source: Schannel
A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
There are many solutions for this event on other blogs. I tried one, which is to remove the certificate (don’t forget to back up the certificate by exporting it first) from the Remote Desktop container in the Certificates management console and restart the Remote Desktop Services service so that it creates the certificate again. Unfortunately, it didn’t work for me and I had to import the certificate again.
After deleting the certificate and re-importing it, I found two more events.
Event ID: 1057, Source: TerminalServices-RemoteConnectionManager
The RD Session Host Server has failed to create a new self signed certificate to be used for RD Session Host Server authentication on SSL connections. The relevant status code was Object already exists.
Event ID: 36869, Source: Schannel
The SSL server credential’s certificate does not have a private key information property attached to it. This most often occurs when a certificate is backed up incorrectly and then later restored. This message can also indicate a certificate enrollment failure.
Fix for Windows 2012 R2 Remote Desktop Connection – An internal error has occurred
Solution: Long story short, I renamed the “MachineKeys” folder to “MachineKeys_old” and restarted the Remote Desktop Services, and RDP worked like a charm.
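A read-only diagnostic for the symptoms above, added here as an example and not part of the original post: it lists the three events, shows which certificate the RDP listener is set to use, and checks whether each certificate in the Remote Desktop store still has a reachable private key. The MachineKeys path (the default location under ProgramData) and the 7-day look-back window are assumptions.

```powershell
# Added example: read-only checks, nothing on the server is changed.
# Assumption: default machine key store path on Windows Server 2012 R2.
$machineKeys = Join-Path $env:ProgramData 'Microsoft\Crypto\RSA\MachineKeys'
$since = (Get-Date).AddDays(-7)   # assumed look-back window

# 1. The Schannel and RD Session Host events quoted in the post.
Get-WinEvent -FilterHashtable @{
    LogName = 'System'; Id = 36870, 36869, 1057; StartTime = $since
} -ErrorAction SilentlyContinue |
    Sort-Object TimeCreated |
    Format-Table TimeCreated, Id, ProviderName -AutoSize

# 2. Thumbprint the RDP-Tcp listener is configured to present.
$listener = Get-WmiObject -Namespace 'root\cimv2\TerminalServices' `
    -Class Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'"
"Listener certificate: $($listener.SSLCertificateSHA1Hash)"

# 3. Each certificate in the Remote Desktop store and the state of its key.
$report = foreach ($cert in Get-ChildItem 'Cert:\LocalMachine\Remote Desktop') {
    $keyFile = $null
    $keyError = $null
    try {
        # Resolves the container file name for CSP (CAPI) keys; an exception
        # here means the private key could not be opened.
        $keyFile = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
    } catch {
        $keyError = $_.Exception.Message
    }
    [pscustomobject]@{
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey   # False is what event 36869 describes
        KeyFile       = $keyFile
        KeyFileExists = [bool]($keyFile -and
                               (Test-Path (Join-Path $machineKeys $keyFile)))
        KeyError      = $keyError
    }
}
$report | Format-List

# 4. Folder ACL, to compare against a server where RDP still works.
(Get-Acl $machineKeys).Access |
    Format-Table IdentityReference, FileSystemRights, AccessControlType -AutoSize
```

Renaming the MachineKeys folder moves every machine private key stored in it, not only the RDP one, so the KeyFile column is useful for seeing which file the Remote Desktop certificate depends on before and after the change.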
I used the following sources to troubleshoot and fix this issue.
Source 1: Event 36870/ 36880: A fatal error occurred when attempting to access the SSL server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.
Source 2: RDP Fails with Event ID 1058 & Event 36870 with Remote Desktop Session Host Certificate & SSL Communication
Source 3: Event ID 1057 – The Terminal Server has failed to create a new self signed certificate
Source 4: Cannot connect to RDP
Source 5: Windows 2012 – NO RDP
Source 6: Event ID 1057 – The Terminal Server has failed to create a new self signed certificate