Details of the event with ID 51 of the source Microsoft-Windows-CertificationAuthority

Author Uwe GradeneggerPosted on Categories Events, Certification AuthorityTags
Event Source:Microsoft-Windows-CertificationAuthority
Event ID:51 (0x33)
Event log:Application
Event type:Error
Symbolic Name:MSG_E_CA_CERT_REVOKED
Event text (English):A certificate in the chain for CA certificate %3 for %1 has been revoked. %2.
Event text (German):A certificate in the certificate authority certificate chain %3 for %1 has been revoked. %2.

Parameter

The parameters contained in the event text are filled with the following fields:

  • %1: CACommonName (win:UnicodeString)
  • %2: ErrorCode (win:UnicodeString)
  • %3: CACertIdentifier (win:UnicodeString)

Example events

A certificate in the chain for CA certificate 0 for ADCS Labor Issuing CA 3 has been revoked. The certificate is revoked. 0x80092010 (-2146885616 CRYPT_E_REVOKED).

Description

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

This event occurs when the certification authority service is started if one of the previous certification authority certificates has been revoked by the parent certification authority. See also article "What impact does the revocation of a certification authority certificate have on the certification authority?". If the revocation concerns the current certification authority certificate, the following is displayed instead the event with ID 100 logged.

Safety assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

The certification authority service will start regularly, so no impact on availability is expected.

Microsoft rating

Microsoft evaluates this event in the Securing Public Key Infrastructure (PKI) Whitepaper with a severity score of "Low".

Related links:

External sources

One thought on “Details zum Ereignis mit ID 51 der Quelle Microsoft-Windows-CertificationAuthority”

  1. Pingback: What impact does the revocation of a certification authority certificate have on the certification authority? - Uwe Gradenegger

Comments are closed.

en_USEnglish
de_DEDeutsch en_USEnglish