Upgraded server to support TLS 1.2. Cannot connect to the server via PAM RDP; however, RDP from the desktop works fine.
The cipher suite was disabled during the server upgrade. Once it was re-enabled, PAM RDP worked again.
As of release 2.6, the RDP client (the applet) supports TLS 1.2 connections and supports the TLS_RSA_WITH_AES_256_CBC_SHA256 cipher suite.
In 3.2 we introduced forward secrecy for the RDP applet:
The RDP client applet supports TLS 1.2 connections and supports the TLS_RSA_WITH_AES_256_CBC_SHA256 cipher suite. The RDP Client also supports forward secrecy using the following supported cipher suites:
Starting with 3.2, for the highest level of security, ensure your RDP server (target Windows Device) is configured to use forward secrecy with TLS 1.2 communication.
If you are on 3.1.1, your server has to support the TLS_RSA_WITH_AES_256_CBC_SHA256 cipher suite.