| Event Source: | Microsoft-Windows-CertificationAuthority |
| Event ID: | 9 (0x9) |
| Event log: | Application |
| Event type: | Error |
| Symbolic Name: | MSG_NO_POLICY |
| Event text (English): | The Active Directory Certificate Services did not start: Unable to load an external policy module. |
| Event text (German): | Active Directory Certificate Services failed to start: No external policy module could be loaded. |
Example events
The Active Directory Certificate Services did not start: Unable to load an external policy module.
Description
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
Occurs when the certificate authority cannot load a policy module. Occurs in conjunction with the Event no. 44 on.
It may occur due to the cause when no connection to the Active Directory can be established when the Certificate Authority service is started. In this case, the events no. 91 and 94 logged.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
Since the certification authority service cannot start, the certification authority is not available. In addition to not being able to apply for certificates, this will also mean that no new revocation lists will be issued in the long term and thus services that depend on the PKI will fail.
It is therefore essential to raise the alarm. Also should Emergency measures be initiated to maintain the blacklist operation.
Microsoft rating
Microsoft evaluates this event in the Securing Public Key Infrastructure (PKI) Whitepaper with a severity score of "Low".
Related links:
- Overview of Windows events generated by the certification authority
- Overview of audit events generated by the Certification Authority
- Perform emergency signing of certificate revocation lists
External sources
- Event ID 9 - AD CS Policy Module Processing (Microsoft)
- Securing Public Key Infrastructure (PKI) (Microsoft)
English 
Deutsch
One thought on “Details zum Ereignis mit ID 9 der Quelle Microsoft-Windows-CertificationAuthority”
Comments are closed.