| Event Source: | Microsoft-Windows-CertificationAuthority |
| Event ID: | 102 (0x66) |
| Event log: | Application |
| Event type: | Error |
| Symbolic Name: | MSG_E_CROSS_CERT_EXTENSION_CONFLICT |
| Event text (English): | Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates. The %2 extension is inconsistent. %3. %4. |
| Event text (German): | Active Directory Certificate Services could not create an overarching %1 certificate to certify its own root certificates. The %2 extension is inconsistent. %3. %4. |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: Version (win:UnicodeString)
- %2: ExtensionOid (win:UnicodeString)
- %3: Disposition (win:UnicodeString)
- %4: ErrorCode (win:UnicodeString)
Example events
Active Directory Certificate Services could not create cross certificate (2-1) to certify its own root certificates. The Certificate Policies extension is inconsistent. Requested by WORKGROUP\WIN-SPI7G4A26OT$. The certification authority's certificate contains invalid data. 0x80094005 (-2146877435 CERTSRV_E_INVALID_CA_CERTIFICATE).
Description
Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.
See article "Certificate authority certificate request fails with error message "The certification authority's certificate contains invalid data. 0x80094005 (-2146877435 CERTSRV_E_INVALID_CA_CERTIFICATE)"." and "Disable the generation of the cross-certification authority certificates„.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
No description has been written for this yet.
Microsoft rating
Microsoft evaluates this event in the Securing Public Key Infrastructure (PKI) Whitepaper with a severity score of "Low".
Related links:
- Overview of Windows events generated by the certification authority
- Overview of audit events generated by the Certification Authority
External sources
- Event ID 102 - AD CS Cross-Certification (Microsoft)
- Securing Public Key Infrastructure (PKI) (Microsoft)
English 
Deutsch
One thought on “Details zum Ereignis mit ID 102 der Quelle Microsoft-Windows-CertificationAuthority”
Comments are closed.