RDP SSL Error

How to fix RDP SSL errors?

Overview: This article explains how to fix RDP SSL errors, including "ERR_EMPTY_RESPONSE," "ERR_BAD_SSL_CLIENT_AUTH_CERT," and "SSL_ERROR_RX_CERTIFICATE_REQUIRED_ALERT," by ensuring that the same certificate and key used for the web server are copied to the Ezeelogin directory.

1. How to solve error "ERR_EMPTY_RESPONSE" ?

Step 1(A): To resolve the above error copy the certificate and key used for the web server to Ezeelogin directory.

Refer below example to copy the self-signed certificate and key to /usr/local/etc/ezlogin/

root@gateway:~# cp /etc/httpd/ssl/apache.crt /usr/local/etc/ezlogin/tls_cert.pem

root@gateway:~# cp /etc/httpd/ssl/apache.key /usr/local/etc/ezlogin/tls_key.pem

Note: Also, make sure that the .pem files are readable by the webserver user such as nobody/www-root/apache, etc. An easy way to grant the web user read privileges would be chmod 644 /usr/local/etc/ezlogin/*.pem

2. How to solve error "ERR_BAD_SSL_CLIENT_AUTH_CERT" and "SSL_ERROR_RX_CERTIFICATE_REQUIRED_ALERT" ?

Error in Microsoft Edge

Error in Mozilla Firefox

Step 2(A): The above errors can be resolved by copying the same valid certificate and key used for the web server to the Ezeelogin directory.

root@gateway:~# cp /path/to/webserver/key.pem /usr/local/etc/ezlogin/tls_key.pem

root@gateway:~# cp /path/to/webserver/cert.pem /usr/local/etc/ezlogin/tls_cert.pem

Example:

root@gateway:~# cp /etc/letsencrypt/live/cloudweg.com/privkey.pem /usr/local/etc/ezlogin/tls_key.pem

root@gateway:~# cp /etc/letsencrypt/live/cloudweg.com/fullchain.pem /usr/local/etc/ezlogin/tls_cert.pem

Step 2(B): Restart apache web service

root@gateway:~# systemctl restart apache2

Step 2(C): Try to access RDP again

Related Articles

RDP Error: This computer can’t connect to the remote computer

Could not Start Ezeelogin RDP proxy

Add windows server for RDP via browser

Forcing RDP to use TLS Encryption