Certificate request fails with error message "0x800b0101 (-2146762495 CERT_E_EXPIRED)".

Assume the following scenario:

  • A user requests a certificate from an Active Directory integrated certification authority (Enterprise Certification Authority)
  • The certificate request fails with the following error message.
Certificate not issued (Denied) Error Parsing Request A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495 CERT_E_EXPIRED)

The failed request is logged on the certificate authority.

When trying to make a certificate request from the certificate management console (certlm.msc for the computer account, certmgr.msc for the user account), the certificate template is not available for selection, but is hidden. If you show all certificate templates, a corresponding error message is displayed.

A required certificate is not within its validity period when verifying against the current sysem clock or the timestamp in the signed file.
A calid certification authority (CA) configured to issue certificates based on this template cannot be located, or the CA does not support this opration, or the CA is not trusted

Solution

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

Quite obviously, the certification authority certificate has expired. A new certificate request for the certification authority certificate must be made and signed before the certification authority can issue certificates again.

Related links:

2 thoughts on “Die Beantragung eines Zertifikats schlägt fehl mit Fehlermeldung „0x800b0101 (-2146762495 CERT_E_EXPIRED)“”

Comments are closed.

en_USEnglish