Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 102 (0x66) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_CROSS_CERT_EXTENSION_CONFLICT |
Event text (English): | Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates. The %2 extension is inconsistent. %3. %4. |
Event text (German): | Active Directory Certificate Services could not create an overarching %1 certificate to certify its own root certificates. The %2 extension is inconsistent. %3. %4. |
Category: Events
Details of the event with ID 103 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 103 (0x67) |
Event log: | Application |
Event type: | Warning |
Symbolic Name: | MSG_E_MISSING_POLICY_ROOT |
Event text (English): | Active Directory Certificate Services added the root certificate of certificate chain %1 to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory, run the following command: certutil -viewstore "%2" (you must include the quotation marks when you run this command). If the root CA certificate is not present, use the Certificates console on the root CA computer to export the certificate to a file, and then run the following command to publish it to Active Directory: Certutil -dspublish rtificatefilename% Root. |
Event text (German): | The root certificate of the certificate chain %1 has been downloaded to the company store of the trusted root certification authorities on the certification authority computer. This store will be updated by the CA container in Active Directory the next time the group policy is applied. Run the following command to ensure that the root CA certificate has been correctly published to Active Directory: certutil -viewstore "%2" (you must also enter the quotation marks when running the command). If the root CA certificate does not exist, use the certificate console on the certification root machine to export the certificate to a file. Then run the following command to publish the certificate in Active Directory: Certutil -dspublish rtificatefilename% Root. |
Details of the event with ID 104 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 104 (0x68) |
Event log: | Application |
Event type: | Information |
Symbolic Name: | MSG_E_ADDED_MISSING_CA_CERT |
Event text (English): | Active Directory Certificate Services published certificate %1 to %2. |
Event text (German): | The certificate %1 was published in %2 by Active Directory Certificate Services. |
Details of the event with ID 105 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 105 (0x69) |
Event log: | Application |
Event type: | Information |
Symbolic Name: | MSG_E_DELETED_INVALID_CA_CERT |
Event text (English): | Active Directory Certificate Services deleted invalid certificate %1 from %2. |
Event text (German): | Invalid certificate %1 was deleted from %2 by Active Directory Certificate Services. |
Details of the event with ID 91 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 91 (0x5B) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_DS_RETRY |
Event text (English): | Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access. |
Event text (German): | Failed to connect to Active Directory. The process will be repeated as soon as access to Active Directory is required again during processing. |
Details of the event with ID 92 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 92 (0x5C) |
Event log: | Application |
Event type: | Error |
Event text (English): | Active Directory Certificate Services could not update security permissions. %1 |
Event text (German): | The security permissions could not be updated. %1 |
Details of the event with ID 93 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 93 (0x5D) |
Event log: | Application |
Event type: | Warning |
Symbolic Name: | MSG_CA_CERT_NO_IN_AUTH |
Event text (English): | The certificate (#%1) of Active Directory Certificate Services %2 does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container. The directory replication may not be completed. |
Event text (German): | The certificate (#%1) of Active Directory Certificate Services %2 does not exist in the certificate store under "CN=NTAuthCertificates,CN=Public Key Services,CN=Services" in the Active Directory configuration container. Directory replication may not have been completed. |
Details of the event with ID 94 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 94 (0x5E) |
Event log: | Application |
Event type: | Warning |
Symbolic Name: | MSG_CA_CERT_NO_AUTH_STORE |
Event text (English): | Active Directory Certificate Services %1 cannot open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container. |
Event text (German): | The certificate store under "CN=NTAuthCertificates,CN=Public Key Services,CN=Services" in the Active Directory configuration container cannot be opened by Active Directory Certificate Services %1. |
Details of the event with ID 95 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 95 (0x5F) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_BAD_PERMISSIONS |
Event text (English): | Security permissions are corrupted or missing. The Active Directory Certificate Services may need to be reinstalled. |
Event text (German): | The security authorizations are damaged or missing. The Active Directory certificate services may need to be reinstalled. |
Details of the event with ID 96 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 96 (0x60) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_CANNOT_CREATE_XCHG_CERT |
Event text (English): | Active Directory Certificate Services could not create an encryption certificate. %1. %2. |
Event text (German): | No encryption certificate could be created by Active Directory Certificate Services. %1. %2. |
Details of the event with ID 97 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 97 (0x61) |
Event log: | Application |
Event type: | Warning |
Symbolic Name: | MSG_CLAMPED_BY_CA_CERT |
Event text (English): | Active Directory Certificate Services %1 will reduce the maximum lifetime of the issued certificate for request %2 because the CA certificate lifetime is shorter than the registry validity period. Consider renewing the CA certificate or reducing the registry validity period. |
Event text (German): | From Active Directory Certificate Services %1, the maximum validity period of the issued certificate for request %2 is reduced because the validity period of the certificate authority certificate is shorter than the registration validity period. You should renew the certification authority certificate or shorten the registration validity period. |
Details of the event with ID 98 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 98 (0x62) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_TOO_MANY_KRA_INVALID |
Event text (English): | Active Directory Certificate Services encountered errors validating configured key recovery certificates. Requests to archive private keys will no longer be accepted. |
Event text (German): | An error occurred while loading configured key recovery certificates. Private key archiving requests are no longer accepted. |
Details of the event with ID 90 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 90 (0x5A) |
Event log: | Application |
Event type: | Error |
Event text (English): | %1: Active Directory Certificate Services detected an exception at address %2. Flags = %3. The exception is %4. |
Event text (German): | %1: An exception was detected at address %2. Flag: %3. Exception: %4. |
Details of the event with ID 81 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 81 (0x51) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_KRA_NOT_ADVANCED_SERVER |
Event text (English): | Active Directory Certificate Services key archival is only supported on Advanced Server. %1 |
Event text (German): | Key archiving of Active Directory certificate services is only supported under Advanced Server. %1 |
Details of the event with ID 82 of the source Microsoft-Windows-CertificationAuthority
Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 82 (0x52) |
Event log: | Application |
Event type: | Error |
Symbolic Name: | MSG_E_TOO_FEW_VALID_KRA_CERTS |
Event text (English): | Active Directory Certificate Services could only verify %1 of %2 key recovery certificates required to enable private key archival. Requests to archive private keys will not be accepted. |
Event text (German): | Only %1 of %2 key recovery certificates required for archiving private keys could be verified. Requests for archiving private keys are not accepted. |