If you can connect to some servers but not others on the same network, an expired certificate is the most likely culprit.
Open as Administrator and run: Restart-Service TermService -Force
Sometimes, Network Level Authentication (NLA) or encryption mismatches cause the 0x904 error. On the remote host, open .
Ensure both and Remote Desktop (WebSocket) are checked for Private and Public networks.
The self-signed certificate used by Remote Desktop Services has expired and failed to renew automatically.
Windows Defender or third-party antivirus software (like Bitdefender) blocking mstsc.exe or RDP traffic.
This is particularly common on Azure VMs where the MachineKeys folder becomes corrupt, preventing new certificate generation. Step-by-Step Solutions 1. Renew Expired RDP Certificates
Log into the remote server (via a console or alternative remote tool). Press , type certlm.msc , and press Enter . Navigate to Remote Desktop > Certificates .