Hey everyone! I'm looking for some help with an issue my colleague is facing while trying to connect to their work computer remotely. They're getting an error saying, "A certification authority could not be contacted for authentication. If you are using a Remote Desktop Gateway with a smart card, try connecting to the remote computer using a password. For assistance, contact your system administrator or technical support." This happens when they try to use Remote Desktop Protocol (RDP) from home, and interestingly, Mac users aren't having any problems at all. Just to clarify, they are connected via IPSec VPN, and the computer they're trying to access is running Windows 11. The password works, but after entering it, this error pops up. Anyone know what might be going on?
6 Answers
It's worth noting that while Macs often switch to username/password without any issues, Windows can be a bit more finicky. Make sure to disable the smart card option in the RDP settings; there are a few places where this can be configured. That might just fix the issue!
But why does this issue happen? Because they see the password prompt, but the error comes up immediately after the password is entered.
The password prompt on Windows can be misleading in situations like this. It tries to authenticate in the background with certificates even though it looks like it’s going for username and password. This can lead to that error if it can't reach the CA. Often, unchecking smart card options in the settings fixes it. Clearing saved credentials or testing a new RDP session can also help narrow down if it's a client-side issue rather than a VPN or remote PC problem.
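One way to check the client-side smart card options mentioned above is to read them out of the saved connection file. This is an added example, not part of the thread: it parses the `name:type:value` lines of an .rdp file and reports the smart-card related settings for review. The sample file content and host name are constructed, and the choice of which settings to flag is an assumption.

```python
import codecs

# Setting -> (value that requests smart-card use, meaning). Names are from
# Microsoft's documented .rdp file settings; flagging these two is an assumption.
SMARTCARD_SETTINGS = {
    "redirectsmartcards": ("1", "local smart cards are redirected into the session"),
    "gatewaycredentialssource": ("1", "RD Gateway logon method is set to smart card"),
}
# Reported for context, whatever their value.
CONTEXT_SETTINGS = ("gatewayhostname", "gatewayusagemethod", "enablecredsspsupport")


def decode_rdp(raw: bytes) -> str:
    """Saved .rdp files are commonly UTF-16 with a BOM; hand-edited ones UTF-8."""
    if raw.startswith((codecs.BOM_UTF16_LE, codecs.BOM_UTF16_BE)):
        return raw.decode("utf-16")
    return raw.decode("utf-8-sig")


def parse_rdp(text: str) -> dict:
    """Parse 'name:type:value' lines; the value may itself contain colons."""
    settings = {}
    for line in text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) == 3 and parts[1] in ("i", "s", "b"):
            settings[parts[0].lower()] = parts[2]
    return settings


def audit(settings: dict) -> dict:
    """Return smart-card findings plus gateway/CredSSP context settings."""
    findings = [f"{name}={flag}: {why}"
                for name, (flag, why) in SMARTCARD_SETTINGS.items()
                if settings.get(name) == flag]
    context = {k: settings[k] for k in CONTEXT_SETTINGS if k in settings}
    return {"findings": findings, "context": context}


# Constructed sample file content, not taken from the thread.
SAMPLE = (
    "full address:s:workpc.example.internal:3389\r\n"
    "redirectsmartcards:i:1\r\n"
    "gatewayusagemethod:i:0\r\n"
    "enablecredsspsupport:i:1\r\n"
    "prompt for credentials:i:0\r\n"
).encode("utf-16")

if __name__ == "__main__":
    print(audit(parse_rdp(decode_rdp(SAMPLE))))
```

To run it against a real file, pass the file's bytes to `decode_rdp`, for example the hidden `Default.rdp` in the user's Documents folder.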
Is there an RDP gateway being used? If so, make sure there's a public SSL certificate linked to it. Sometimes if the client machine doesn't trust that certificate or the certification authority (CA), it can lead to such errors. But without an RDP gateway, this might not apply.
No, there’s no RDP gateway set up.
I noticed a similar issue when trying to RDP into a new laptop I got. It prompts me for a login, but it only works if I log in on the device first. Maybe this problem is related?
In my case, everything seems okay until after entering the password, where the error shows up.
First off, you should double-check that they are indeed using a VPN. It can sometimes get tricky, so better safe than sorry! Especially since it seems that's the setup they're working with.
Yes, they are definitely connecting through a VPN.
This sounds a lot like they're inadvertently using Windows Hello for authentication, which could explain the weird issues specific to Windows. Unlike Macs that default to a simpler method, Windows might be prioritizing certificate-based authentication in the background, leading to the error once it can't contact the CA.

Can you please tell me how we can check and change this?