have you been experiencing long RDP connection times? RDP uses the highest possible security level encryption method between the source and destination.

In Windows 7 or later versions, the remote desktop connection uses the SSL (TLS 1.0) Protocol and the encryption is Certificate-based.

This means the authentication is performed by using self-signed certificates (default) or a certificate issued by a certification authority installed on the remote session host server (Terminal Server).

If you use a self-signed certificate, the system tries to retrieve the trusted certification authority list from the Internet to check the publish and revocation status of the certificate. Therefore, the "Securing remote connection" screen may appear for a while.


Deploy a Group Policy Object to the client to turn off Automatic Root Certificates Update. To do this, follow these steps on a Windows Server 2012 R2-based computer:

Open Group Policy Management Console. To do this, hold the Windows key and press the r key. Type Gpmc.msc in the Run box, and then select OK.

Create a new Group Policy Object (GPO) or select an existing Group Policy Object (GPO) to change.

Right-click the selected Group Policy Object (GPO) and then select Edit and browse to the following Group Policy:

Computer Configuration > Administrative Templates > System > Internet Communication Management > Internet Communication settings

In the details pane, double-click Turn off Automatic Root Certificates Update, and then select Enabled.

You can find more information and another workaround here:


Many thanks to Jan Egil Ring for pointing this out!