Share via


Event ID 1058 — Terminal Services Authentication and Encryption

Applies To: Windows Server 2008

Transport Layer Security (TLS) 1.0 enhances the security of Terminal Services sessions by providing server authentication and by encrypting terminal server communications. The terminal server and the client computer must be correctly configured for clients to make successful remote connections and for TLS to provide enhanced security. For example, a certificate is needed to authenticate a terminal server when SSL (TLS 1.0) is used to secure communication between a client and a terminal server during Remote Desktop Protocol (RDP) connections.

Event Details

Product: Windows Operating System
ID: 1058
Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager
Version: 6.0
Symbolic Name: EVENT_TS_SSL_SELF_SIGNED_CERT_REPLACE_FAILED
Message: The Terminal Server has failed to replace the expired self signed certificate used for Terminal Server authentication on SSL connections. The relevant status code was %1.

Resolve

Increase available memory

To resolve this issue, increase available memory. If this condition persists, contact  Microsoft Customer Service and Support. For information about how to contact CSS, see Support Options from Microsoft Services (https://go.microsoft.com/fwlink/?LinkId=52267).

One way to increase the amount of available memory is to determine if there are any programs or processes running on the terminal server that can be closed. Use Task Manager to determine which processes are using the most memory, and to end those processes.

To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.

To free up memory on the terminal server by using Task Manager:

  1. On the terminal server, right-click an empty area of the taskbar, and then click Task Manager.
  2. Click the Processes tab.
  3. Make sure that the User Name and Memory (Private Working Set) columns appear. If they do not appear, on the View menu, click Select Columns, select the User Name and the Memory (Private Working Set) check boxes, and then click OK.
  4. At the bottom of the tab, select the Show processes from all users check box.
  5. To sort the processes by memory usage, click the Memory (Private Working Set) column header.
  6. Determine if you can end any of the memory-intensive processes.
  7. To end a process, click the process name, and then click End Process.
  8. Click End Process to confirm that you want to end the process.

If you cannot free memory by using Task Manager, or if this issue still occurs after you try to free up memory, restart the terminal server.

Verify

When Transport Layer Security (TLS) 1.0 is functioning as expected for server authentication and encryption of terminal server communications, clients can make connections to terminal servers by using TLS 1.0 (SSL).

To verify that the TLS 1.0 (SSL) settings are correctly configured and working properly on the terminal server to provide server authentication and encryption for connections, use Remote Desktop Connection from a client computer to connect to the terminal server. If you can connect to the terminal server and there is a lock symbol in the upper-left corner of the connection bar at the top of the window, TLS 1.0 (SSL) is being used for the connection.

Note: To ensure that the connection bar is displayed when you use Remote Desktop Connection to connect from a client computer, select full-screen mode when configuring Remote Desktop Connection settings.

To select full-screen mode in Remote Desktop Connection:

  1. Open Remote Desktop Connection. To open Remote Desktop Connection, click Start, click Accessories, and then click Remote Desktop Connection.
  2. Click Options to display the Remote Desktop Connection settings, and then click Display.
  3. Under Remote desktop size, drag the slider all the way to the right to ensure that the remote desktop that you plan to connect to is displayed in full-screen mode.

Terminal Services Authentication and Encryption

Terminal Services