Hi all,
I'm noticing that xfreerdp and remmina fails to connect to a Windows 11 machine while using NLA:
$ xfreerdp /v:host /u:user@example.com /d:MicrosoftAccount /sec:nla
[17:04:04:954] [26344:92f3b640] [WARN][com.freerdp.crypto] - Certificate verification failure 'unable to get local issuer certificate (20)' at stack position 0
[17:04:04:954] [26344:92f3b640] [WARN][com.freerdp.crypto] - CN = daniell-kvm-windows11
Password:
[17:04:08:675] [26344:92f3b640] [ERROR][com.freerdp.core.transport] - BIO_read returned an error: error:1404C438:SSL routines:ST_OK:tlsv1 alert internal error
[17:04:08:675] [26344:92f3b640] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core.transport] - BIO_read returned an error: error:1404C438:SSL routines:ST_OK:tlsv1 alert internal error
[17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[17:04:08:823] [26344:92f3b640] [ERROR][com.freerdp.core] - freerdp_post_connect failed
Remmina just says "Cannot connect to the RDP server" after a couple of seconds.
Funny thing is, every attempt results in a successful logon event on Windows.
Switching off NLA on the Windows machine and trying /sec:tls with xfreerdp (or switching to TLS security in Remmina) shows the usual graphical logon screen where I can login without a problem. Same clients on other OSes also work (Android, Linux, etc...).
Is this something to do with LibreSSL, maybe? Has this ever worked on OpenBSD?
Daniel
No comments:
Post a Comment