Certificate Enrollment Web Services - Page 6 - Uwe Gradenegger

Certificate request basics via Certificate Enrollment Web Services (CEP, CES)

With Windows Server 2008 R2 and Windows 7, a new functionality for certificate enrollment has been introduced: The Certificate Enrollment Web Services, which are mapped by two server roles:

Certificate Enrollment Policy Web Service (CEP)
Certificate Enrollment Web Services (CES)

The following is a description of the background to these roles, how they work, and the possible deployment scenarios.

Continue reading

Certificate Enrollment Web Service (CES) request fails with error code "WS_E_SERVER_REQUIRES_NEGOTIATE_AUTH".

Assume the following scenario:

A Certificate Enrollment Web Service (CES) is implemented in the network.
A certificate request is sent to the CES.
The certificate request fails with the following error message:

The remote endpoint requires HTTP authentication scheme 'negotiate'. 0x803d001f (-2143485921 WS_E_SERVER_REQUIRES_NEGOTIATE_AUTH)

Continue reading

Certificate Enrollment Web Service (CES) request fails with error code "WS_E_INVALID_FORMAT".

Assume the following scenario:

A Certificate Enrollment Web Service (CES) is implemented in the network.
A certificate request is sent to the CES.
The certificate request fails with the following error message:

The input data was not in the expected format or did not have the expected value. 0x803d0000 (-2143485952 WS_E_INVALID_FORMAT)

Continue reading

Certificate Enrollment Web Service (CES) request fails with error code "WS_E_ENDPOINT_NOT_FOUND".

Assume the following scenario:

A Certificate Enrollment Web Service (CES) is implemented in the network.
A certificate request is sent to the CES.
The certificate request fails with the following error message:

The remote endpoint does not exist or could not be located. 0x803d000d (-2143485939 WS_E_ENDPOINT_NOT_FOUND)

Continue reading

Certificate Enrollment Policy creation for Certificate Enrollment Policy Web Service (CEP) fails with error code "WS_E_INVALID_FORMAT".

Assume the following scenario:

A Certificate Enrollment Policy Web Service (CEP) is implemented in the network.
An enrollment policy is configured.
Testing the connection fails with the following error message:

Error: The input data was not in the expected format or did not have the expected value. 0x803d0000 (-2143485952 WS_E_INVALID_FORMAT)

Continue reading

Requesting certificates via Certificate Enrollment Web Services fails with error message "Error: The remote endpoint is unable to process the request due to being overloaded. 0x803d0012 (-2143485934 WS_E_ENDPOINT_TOO_BUSY)".

Assume the following scenario:

A user requests a certificate.
An enrollment policy is configured for this, which points to a Certificate Enrollment Policy Web Service (CEP).
The connection to the CEP fails and the user receives the following error message:

Error: The remote endpoint is unable to process the request due to being overloaded. 0x803d0012 (-2143485934 WS_E_ENDPOINT_TOO_BUSY)

Continue reading

Requesting certificates via Certificate Enrollment Web Services fails with error message "Error: A message containing a fault was received from the remote endpoint. 0x803d0013 (-2143485933 WS_E_ENDPOINT_FAULT_RECEIVED)".

Assume the following scenario:

A user requests a certificate.
An enrollment policy is configured for this, which points to a Certificate Enrollment Policy Web Service (CEP).
Authentication is done via Kerberos.
The application for the certificate is made by the CEP server itself.
The connection to the CEP fails and the user receives the following error message:

Error: A message containing a fault was received from the remote endpoint. 0x803d0013 (-2143485933 WS_E_ENDPOINT_FAULT_RECEIVED)

Continue reading

Requesting certificates via Certificate Enrollment Web Services fails with error message "Error: The operation timed out 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)".

Assume the following scenario:

A user requests a certificate.
An enrollment policy is configured for this, which points to a Certificate Enrollment Policy Web Service (CEP).
The connection to the CEP fails and the user receives the following error message:

Error: The operation timed out 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)

Continue reading

Certificate Enrollment Policy creation for Certificate Enrollment Policy Web Service (CEP) fails with error code "WS_E_ENDPOINT_NOT_FOUND".

Assume the following scenario:

A Certificate Enrollment Policy Web Service (CEP) is implemented in the network.
An enrollment policy is configured.
Testing the connection fails with the following error message:

Certificate Request Processor: The remote endpoint does not exist or could not be located. 0x803d000d (-2143485939 WS_E_ENDPOINT_NOT_FOUND)

Continue reading

English