RDP SSL Error
How to fix RDP SSL errors?
Overview: This article explains how to fix RDP SSL errors, including "ERR_EMPTY_RESPONSE," "ERR_BAD_SSL_CLIENT_AUTH_CERT," and "SSL_ERROR_RX_CERTIFICATE_REQUIRED_ALERT," by ensuring that the same certificate and key used for the web server are copied to the Ezeelogin directory.
1. How to solve error "ERR_EMPTY_RESPONSE" ?
Step 1(A): To resolve the above error copy the certificate and key used for the web server to Ezeelogin directory.
Refer below example to copy the self-signed certificate and key to /usr/local/etc/ezlogin/
root@gateway:~# cp /etc/httpd/ssl/apache.crt /usr/local/etc/ezlogin/tls_cert.pem
root@gateway:~# cp /etc/httpd/ssl/apache.key /usr/local/etc/ezlogin/tls_key.pem
Note: Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache, etc. An easy way to grant the web user read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
2. How to solve error "ERR_BAD_SSL_CLIENT_AUTH_CERT" and "SSL_ERROR_RX_CERTIFICATE_REQUIRED_ALERT" ?
Error in Microsoft Edge
Error in Mozilla Firefox
Step 2(A): The above errors can be resolved by copying the same valid certificate and key used for the web server to the Ezeelogin directory.
root@gateway:~# cp /path/to/webserver/key.pem /usr/local/etc/ezlogin/tls_key.pem
root@gateway:~# cp /path/to/webserver/cert.pem /usr/local/etc/ezlogin/tls_cert.pem
Example:
root@gateway:~# cp /etc/letsencrypt/live/cloudweg.com/privkey.pem /usr/local/etc/ezlogin/tls_key.pem
root@gateway:~# cp /etc/letsencrypt/live/cloudweg.com/fullchain.pem /usr/local/etc/ezlogin/tls_cert.pem
Note: Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache, etc. An easy way to grant the web user read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem
Step 2(B): Restart apache web service
root@gateway:~# systemctl restart apache2
Step 2(C): Try to access RDP again
Related Articles
RDP Error: This computer can’t connect to the remote computer
Could not Start Ezeelogin RDP proxy