75o5c (75o5c) asked a question.
Beginning this week I am suddenly having issues with MFA when using RDP on Servers. We have the .NET 4.6/TLS1.2 registry fix internally as part of our standard process when first installing Okta. This is the error I am receiving
Minting JWT completed
InvalidOperationException thrown System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IO.IOException: Authentication failed because the remote party has closed the transport stream.
at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
--- End of inner exception stack trace ---
at System.Net.HttpWebRequest.GetResponse()
at OktaWidget.JwtService.GetStateTokenUsingJwt(String username)
at OktaWidget.OktaWidgetForm..ctor(String username, Int64 parent, Boolean doMfaChallenge)
at OktaWidget.OktaWidgetClass.displayWidget(Int64 parent, String username)
Hi @75o5c (75o5c),
Thank you for posting on the Okta community page!
I have done some research and I would recommend to make sure that you have installed a .NET Framework Core 4.6.2 version or above and that the TLS 1.2 is properly enabled:
Additionally, if this error is only showing up for your account and the rest of the users are not affected, I would check the system logs to see if any changes have been made to the account that might indicate the root cause of the issue. Also, I would make sure that the username of the account assigned to the RPD app in Okta is an exact match with the one on the server.
You could also take a look at the below articles since they contain information about the “Multifactor Authentication Failed” errors and about MFA for Windows Credentials Provider for Okta Clasic Engine:
------------------------------------------------------------------------------------------------------------------------------------------------
Community members help others by clicking Upvote or Select as Best on responses. Try it today.