Fix for “This could be due to CredSSP encryption oracle remediation”


Table of Contents


When you try to connect to a remote Windows server using Remote Desktop Connection Client after May 8, 2018 you get this error:

CredSSP encryption oracle remediation error window
CredSSP encryption oracle remediation error window
[Window Title]
Remote Desktop Connection

An authentication error has occurred.
The function requested is not supported

Remote computer: XXX.XXX.XXX.XXX
This could be due to CredSSP encryption oracle remediation.
For more information, see


This is because of security vulnerability CVE-2018-0886 | CredSSP Remote Code Execution Vulnerability .

On May 8th Microsoft released update which changes Encryption Oracle Remediation default behavior setting from Vulnerable to Mitigated option.

That means that: "client applications that use CredSSP will not be able to fall back to insecure versions".

Now, if you try to connect to a machine which does not have this update (maybe machine was suspended) it will have Encryption Oracle Remediation set to Vulnerable which means that:

"client applications that use CredSSP will expose remote servers to attacks by supporting fallback to insecure versions".


If you are system administrator I suggest that you read more about possible solutions at CredSSP updates for CVE-2018-0886

If you just want to make it work and you are trying to connect to a server which is out of your reach and you can't physically access it to install updates, follow this solution.

Perform these steps, install updates on remote server and to stay secure revert changes back to what it was.

  1. Open Local Group Policy Editor< by typing gpedit in Start Menu

  2. Navigate to policy path: Computer Configuration -> Administrative Templates -> System -> Credentials Delegation and double click setting name: Encryption Oracle Remediation

    Click to enlarge
  3. Enable it and set Protection Level to Vulnerable. Click OK

    Click to enlarge
  4. Now you will be able to connect to remove server and install updates. After that, set Encryption Oracle Remediation back to Not Configured

  1. Anonymous says

    Thanks save us alot of time

  2. Ivanda says


  3. Zoe_Gune says

    It worked straight away with windows 10 and Windows Server 2016. 100%

  4. Sameer Saleem says

    I found this the easiest way :

    REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

    1. Sebastian Expert says


  5. Girish says


  6. Max says

    Awesome !! Thanks for this 🙂

  7. vikrant says

    Wonderful! Thank you very much to save my troubleshooting time

  8. Moath Alomari says

    Thanks you very much 🙂
    it is works 🙂

  9. Felix says

    how can i do it but in windows 10 home, the credentials delegation folder isn’t listed

    1. Sebastian Expert says
  10. hema says

    Thanks. It worked

  11. Hema says

    Thanks. It did work

  12. Anonymous says

    working 100%

  13. Anonymous says

    terima kasih atas tutorialnya, sangat membantu \\ thank you for this article, it’s very helpful.

  14. Ragavan says

    Good Working

  15. prashant says

    thanks, that was helpful.

  16. NAEEM says


Leave A Reply

Your email address will not be published.