Manually add the RDP executable: Click , browse to C:\Windows\System32\mstsc.exe , and add it with full permissions. Step 4: Fix Azure VM Certificate Corruption
Try these solutions in order. Each step solves a specific subset of error code 0x904 scenarios.
Right-click and any expired certificates listed there. Manually add the RDP executable: Click , browse
Right-click the certificate listed, select -> Manage Private Keys .
:
: Security hardening tools or policy updates can block the TermService (Remote Desktop Services) from reading the certificate's private key.
: The TLS version or encryption ciphers on the client do not match the server's requirements. Firewall Interference Right-click and any expired certificates listed there
: Third-party security software (e.g., Bitdefender) or Windows Firewall may block mstsc.exe or the RDP port (3389).
If it returns inconsistencies, run: winmgmt /salvagerepository Restart the computer. 3. Change RDP Security Layer : The TLS version or encryption ciphers on
If you are trying to access a cloud-hosted virtual machine (like an Azure VM or AWS instance) and encounter an instant 0x904 failure, a corrupted cryptographic key store is likely blocking the host from generating its self-signed RDP certificate.