Resolving this error requires a systematic approach, moving from basic local checks to advanced network configurations. 1. Verify Basic Network Connectivity
Follow these steps in order to resolve the connection issue. Resolving this error requires a systematic approach, moving
: Windows generates self-signed certificates for RDP traffic. If these certificates expire or corrupt silently in the background, the secure TLS tunnel will instantly fail. : Windows generates self-signed certificates for RDP traffic
Using an outdated client can break communication. The built-in mstsc.exe is updated sporadically. The Microsoft Store version of "Windows App" (formerly Remote Desktop) often contains the latest handshake protocols and cipher suites. The built-in mstsc
Expired self-signed security certificates are the leading cause of this error. If you have alternate access to the host (via a direct physical console, hypervisor viewer, or cloud dashboard), clear out the old digital signature.
Your Windows Defender Firewall might block the RDP application if the network profile changed from "Private" to "Public." Additionally, third-party firewalls or proxy servers inspecting RDP traffic can interfere with the SSL/TLS handshake, forcing the socket to close. Load balancers (like HAProxy) that strip or modify the TLS data stream can also force a disconnect with a 0x904 error.
In the Azure Portal , go to your VM and select > RunPowerShellScript .