Event ID 1058 — Remote Desktop Services Authentication and Encryption

Applies To: Windows Server 2008 R2

Transport Layer Security (TLS) 1.0 enhances the security of sessions by providing server authentication and by encrypting RD Session Host server communications. The RD Session Host and the client computer must be correctly configured for clients to make successful remote connections and for TLS to provide enhanced security. For example, a certificate is needed to authenticate an RD Session Host server when SSL (TLS 1.0) is used to secure communication between a client and an RD Session Host server during Remote Desktop Protocol (RDP) connections.

Event Details

Product: Windows Operating System
ID: 1058
Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager
Version: 6.1
Message: The Terminal Server has failed to replace the expired self signed certificate used for Terminal Server authentication on SSL connections. The relevant status code was %1.


Increase available memory

To resolve this issue, increase available memory. If this condition persists, contact  Microsoft Customer Service and Support. For information about how to contact CSS, see Support Options from Microsoft Services (http://go.microsoft.com/fwlink/?LinkId=52267).

One way to increase the amount of available memory is to determine if there are any programs or processes running on the RD Session Host server that can be closed. Use Task Manager to determine which processes are using the most memory, and to end those processes.

To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.

To free up memory on the RD Session Host server by using Task Manager:

  1. On the RD Session Host server, right-click an empty area of the taskbar, and then click Start Task Manager.
  2. Click the Processes tab.
  3. Make sure that the User Name and Memory (Private Working Set) columns appear. If they do not appear, on the View menu, click Select Columns, select the User Name and the Memory (Private Working Set) check boxes, and then click OK.
  4. At the bottom of the tab, select the Show processes from all users check box.
  5. To sort the processes by memory usage, click the Memory (Private Working Set) column header.
  6. Determine if you can end any of the memory-intensive processes.
  7. To end a process, click the process name, and then click End Process.
  8. Click End Process to confirm that you want to end the process.

If you cannot free memory by using Task Manager, or if this issue still occurs after you try to free up memory, restart the RD Session Host server.


When Transport Layer Security (TLS) 1.0 is functioning as expected for server authentication and encryption of RD Session Host server communications, clients can make connections to RD Session Host servers by using TLS 1.0 (SSL).

To verify that the TLS 1.0 (SSL) settings are correctly configured and working properly on the RD Session Host server to provide server authentication and encryption for connections, use Remote Desktop Connection from a client computer to connect to the RD Session Host server. If you can connect to the RD Session Host server and there is a lock symbol in the upper-left corner of the connection bar at the top of the window, TLS 1.0 (SSL) is being used for the connection.

Note: To ensure that the connection bar is displayed when you use Remote Desktop Connection to connect from a client computer, select full-screen mode when configuring Remote Desktop Connection settings.

To select full-screen mode in Remote Desktop Connection:

  1. Open Remote Desktop Connection. To open Remote Desktop Connection, click Start, click Accessories, and then click Remote Desktop Connection.
  2. Click Options to display the Remote Desktop Connection settings, and then click Display.
  3. Under Remote desktop size, drag the slider all the way to the right to ensure that the remote desktop that you plan to connect to is displayed in full-screen mode.

Remote Desktop Services Authentication and Encryption

Remote Desktop Services