Fix CredSSP Encryption Oracle Remediation Error in Remote Desktop

May 2018 update for Windows 10 changed the CredSSP authentication protocol and updated default settings from Vulnerable to Mitigated. This caused issues in Remote Desktop connection with unpatched systems. While connecting to an unpatched system, Windows 10 or Windows 11 users may get the CredSSP Encryption Oracle Remediation error.

An authentication error has occurred.
The function requested is not supported.
Remote computer: <computer name or IP>.
This could be due to CredSSP encryption oracle remediation. For more information, see https://go.microsoft.com/fwlink/?linkid=866660.
Credssp Encryption Oracle Remediation Error In Remote Desktop Connection
CredSSP error in Remote Desktop Connection

You see the above error when an insecure RDP connection is blocked by an Encryption Oracle Remediation policy setting on the server or client. This setting decides how to establish an RDP session by using CredSSP.

SEE ALSO: How to Disable Microsoft Defender (Windows Security) in Windows 10 and 11?

Solve CredSSP Encryption Oracle Remediation error in Remote Desktop Connection

A better and recommended solution for this problem is to patch all systems with the latest Windows patch. However, it may not be possible for you to patch the remote system in every case.

There is a good workaround available to fix the CredSSP Encryption error in the Remote Desktop connection. This fix can be done by using Group Policy Editor and Registry Editor both.

A) Group Policy Method to Fix CredSSP Encryption Error in RDP Connection

The Group Policy Editor is not enabled on Windows 10 Home by default. So, if you are using Windows 10 Home, you can try the Registry Editor method as well. Just make sure Remote Desktop Connection is enabled on the computer you are taking remote control of. Let’s start with the Group Policy Editor method first.

Step 1: Open Local Group Policy Editor

First of all, you need to open Group Policy Editor on your computer. So, go to RUN, type gpedit.msc and press Enter.

Type Gpedit.msc And Press Enter To Open Group Policy Editor
Type gpedit.msc in RUN and press Enter

The Local Group Policy Editor window will open. Here, you can configure local policies for your computer.

Local Group Policy Editor Console
Local Group Policy Editor Console

Step 2: Go to Credentials Delegation in Group Policy Editor

In Local Group Policy Editor, go this path:

Computer Configuration\Administrative Templates\System\Credentials Delegation

You will find the Encryption Oracle Remediation policy setting on the right side. We will use this setting to fix the “CredSSP Encryption Oracle Remediation” error in the RDP connection.

Go To Credentials Delegation Setting In Group Policy Editor to fix CredSSP Encryption Oracle Remediation Error
Go to the Credentials Delegation setting in Group Policy Editor

Step 3: Change Policy Setting to Fix CredSSP Encryption Oracle Remediation Error

On the right pane, double-click the Encryption Oracle Remediation policy setting. Now, change the Encryption Oracle Remediation policy to Enabled. After that, set Protection Level to Vulnerable and click Apply then OK.

Enable Encryption Oracle Remediation Policy Select Protection Level As Vulnerable And Click Ok
Enable Encryption Oracle Remediation policy, change Protection Level to Vulnerable

Now, you can close the Group Policy Editor window. You can now connect to an un-patched system without any CredSSP encryption Oracle remediation errors.

SEE ALSO: How to Share Printer on LAN Network in Windows?


B) Fix CredSSP Encryption Oracle Remediation error using Registry Editor

Let’s check the Registry Editor method as well. You can also make the same changes by using the Registry Editor. But we will have to create a few Registry Keys to do that. Let’s check the steps.

Step 1: Open Registry Editor

First of all, open Registry Editor. In order to open Registry Editor, go to RUN, type regedit and press Enter.

Go To Run Type Regedit And Press Enter Or Click Ok
Go to RUN > Type regedit > press Enter

Registry Editor windows will open.

Registry Editor In Windows 10
Registry Editor in Windows 10

Step 2: Create the required CredSSP Keys in the Registry

Go to the following location in Registry Editor:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System

Here, you have to create two Keys named CredSSP and Parameters under System. To do that, right-click on the System key and select New Key.

Create A New Key Under System In Registry Editor
Create a New Key under System in Registry Editor

Name this new key as CredSSP as shown below.

Rename New Key As Credssp To Fix Encryption Remediation Error In Remote Desktop
Rename New Key as CredSSP

Similarly, create a new key under CredSSP. Simply, right-click on the newly created CredSSP key and select New Key. Name this new key as Parameters.

Create New Key Named As Parameters Under Credssp
Create a New Key named Parameters under CredSSP

Step 3: Create DWORD to Fix CredSSP Encryption Oracle Remediation Error

After creating the Parameters Key, select it. Now, right-click in the blank space on the right side and select New > DWORD (32-bit) Value.

Create A New Dword Under Parameters Key In Registry Editor To Fix Credssp Oracle Remediation Encryption Error
Create a new DWORD under the Parameters key in Registry Editor

Name this new DWORD as AllowEncryptionOracle.

Name New Dword As Allow Encryption Oracle
Name new DWORD as AllowEncryptionOracle

Now Modify the value of this DWORD to 2 to fix the CredSSP encryption oracle remediation error.

Modify Dword Value To 2 Decimal
Modify DWORD value to 2

Alternate Method:

You can also use the command prompt to modify registry settings and make required changes. Open the Command Prompt window as Administrator and run the following command to add a registry value:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2
Create Credssp Registry Entry Using Cmd To Fix Encryption Oracle Remediation Error
Create the CredSSP Registry entry using the command prompt

SEE ALSO: 10 Cool Command Prompt Tricks for you.


Fix CredSSP Encryption Oracle Remediation Authentication Error in RDP

Now you have successfully bypassed the Encryption Oracle Remediation security. You can now connect to unpatched systems without the CredSSP Encryption authentication error. However, we recommend you patch all your servers and client systems with the latest security patches.

You can check this link for more details on the CredSSP error on the Microsoft website. Share your thoughts and queries in the comment section below.

Editorial Staff

Hi there, we are the editorial staff at WINDOSPC (former HELLPC). We are a team of funny and technical people. Feel free to get in touch with us via Contact-Us page.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.