Certificate request fails with error message "The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)".

Author Uwe GradeneggerPosted on Categories Online Certificate Status Protocol (OCSP), Troubleshooting, Certification AuthorityTags

Assume the following scenario:

  • A certificate request is sent to a certification authority.
  • The certificate request fails with the following error message:
Error Parsing Request The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)

For this purpose, the Certification Authority protocols the Event with ID 22 of the source Microsoft-Windows-CertificationAuthority with identical error message.

Active Directory Certificate Services could not process request 77 due to an error: The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND). The request was for CN=WEB01.intra.adcslabor.de. Additional information: Error Parsing Request

Possible causes:

Do you know TameMyCerts? TameMyCerts is an add-on for the Microsoft certification authority (Active Directory Certificate Services). It extends the function of the certification authority and enables the Application of regulationsto realize the secure automation of certificate issuance. TameMyCerts is unique in the Microsoft ecosystem, has already proven itself in countless companies around the world and is available under a free license. It can downloaded via GitHub and can be used free of charge. Professional maintenance is also offered.

This error message occurs when the certification authority is configured to allow the applicant to select the signature key, and an invalid signature key is requested.

The request for a specific signature key is made via the "Authority Key Identifier" (AKI) extension within the certificate request (see article "Inspect a certificate request (CSR)„).

If an invalid signature key is now requested, the certification authority cannot find a matching key, so that the error described above is generated. This case can occur, for example, if there is an online responder (OCSP) in the network and this has a revocation configuration for a certification authority certificate which is has been removed from the configuration of the certification authority.

If the corresponding certification authority certificate has been removed from the certification authority configuration, the associated revocation configuration should also be removed from the online responder.

Related links:

2 thoughts on “Die Beantragung eines Zertifikats schlägt fehl mit Fehlermeldung „The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)“”

  1. Pingback: Allow the request of a specific signature key on a certification authority - Uwe Gradenegger
  2. Pingback: Details about the event with ID 22 of the source Microsoft-Windows-CertificationAuthority - Uwe Gradenegger

Comments are closed.

en_USEnglish
de_DEDeutsch en_USEnglish