Certification body - Page 5

Certificate or revocation list issuance fails with error code CERTSRV_E_NO_DB_SESSIONS

Assume the following scenario:

The Certification Authority cannot issue certificates and/or
The Certification Authority cannot issue revocation lists.
At least one of the following error messages is logged:

Event ID: 53 (Microsoft-Windows-CertificationAuthority)

Active Directory Certificate Services denied request 12345 because An attempt was made to open a Certification Authority database session, but there are already too many active sessions. The server may need to be configured to allow additional sessions. 0x8009400f (-2146877425 CERTSRV_E_NO_DB_SESSIONS). The request was for CN=Rudi Ratlos. Additional information: Denied by Policy Module

Event ID: 130 (Microsoft-Windows-CertificationAuthority)

Active Directory Certificate Services could not create a certificate revocation list. An attempt was made to open a Certification Authority database session, but there are already too many active sessions. The server may need to be configured to allow additional sessions 0x8009400f (-2146877425). This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: "certutil -CRL". If the problem persists, restart Certificate Services.

Installation of a certificate authority fails with error code ERROR_INVALID_PARAMETER

Assume the following scenario:

A certification authority is installed
The role configuration fails with the following error message:

CCertSrvSetupProperty: The parameter is incorrect. 0x80070057 (WIN32: ERROR_INVALID_PARAMETER).

Installation of a certificate authority fails with error code "Bad Data. 0x80090005 (-2146893819 NTE_BAD_DATA)."

Assume the following scenario:

An attempt is made to install a certificate authority
The role configuration fails with the following error message:

An error occurred when creating the new key container "ADCS Labor Issuing CA 3". Please make sure the CSP is installed correctly or select another CSP.
Bad Data. 0x80090005 (-2146893819 NTE_BAD_DATA).

Installation of a certificate authority integrated into Active Directory using Windows PowerShell fails with error message "A value for the attribute was not in the acceptable range of values. 0x80072082 (WIN32: 8322 ERROR_DS_RANGE_CONSTRAINT)".

Assume the following scenario:

A certification authority (Enterprise CA) integrated into Active Directory is installed using Windows PowerShell (Install-AdcsCertificationAuthority).
The role configuration fails with the following error message:

Install-AdcsCertificationAuthority : Active Directory Certificate Services setup failed with the following error: A value for the attribute was not in the acceptable range of values. 0x80072082 (WIN32: 8322 ERROR_DS_RANGE_CONSTRAINT)

The certification authority service does not start and throws the error message "The device that is required by this cryptographic provider is not ready for use. 0x80090030 (-2146893776 NTE_DEVICE_NOT_READY)"

Assume the following scenario:

A certification authority is implemented in the network.
The certification authority service does not start.
When trying to start the Certification Authority service, you get the following error message:

The device that is required by this cryptographic provider is not ready for use. 0x80090030 (-2146893776 NTE_DEVICE_NOT_READY)

Details of the event with ID 5127 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5127 (0x1407)
Event log:	Security
Event type:	Information
Event text (English):	The OCSP Revocation Provider successfully updated the revocation information. CA Configuration ID: %1 Base CRL Number: %2 Base CRL This Update: %3 Base CRL Hash: %4 Delta CRL Number: %5 Delta CRL Indicator: %6 Delta CRL This Update: %7 Delta CRL Hash: %8
Event text (German):	The OCSP response service has successfully updated the revocation information. Certification authority configuration ID: %1 Base revocation list number: %2 Base revocation list, this update: %3 Base revocation list hash: %4 Delta revocation list number: %5 Delta revocation list display: %6 Delta revocation list, this update: %7 Delta revocation list hash: %8

Details of the event with ID 5059 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5059 (0x13C3)
Event log:	Security
Event type:	Information
Event text (English):	Key migration operation. Subject: Security ID: %1 Account Name: %2 Account Domain: %3 Logon ID: %4 Cryptographic Parameters: Provider Name: %5 Algorithm Name: %6 Key Name: %7 Key Type: %8 Additional Information: Operation: %9 Return Code: %10
Event text (German):	Schlüsselmigrationsvorgang. Antragsteller: Sicherheits-ID: %1 Kontoname: %2 Kontodomäne: %3 Anmelde-ID: %4 Kryptografische Parameter: Anbietername: %5 Algorithmusname: %6 Schlüsselname: %7 Schlüsseltyp: %8 Zusätzliche Informationen: Vorgang: %9 Rückgabecode: %10

Details of the event with ID 5120 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5120 (0x1400)
Event log:	Security
Event type:	Information
Event text (English):	OCSP Responder Service Started.
Event text (German):	The OCSP response service has been started.

Details of the event with ID 5121 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5121 (0x1401)
Event log:	Security
Event type:	Information
Event text (English):	OCSP Responder Service Stopped.
Event text (German):	The OCSP response service has been terminated.

Details of the event with ID 5122 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5122 (0x1402)
Event log:	Security
Event type:	Information
Event text (English):	A Configuration entry changed in the OCSP Responder Service. CA Configuration ID: %1 New Value: %2
Event text (German):	A configuration entry was changed in the OCSP response service. Certification authority configuration ID: %1 New value: %2

Details of the event with ID 5123 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5123 (0x1403)
Event log:	Security
Event type:	Information
Event text (English):	A configuration entry changed in the OCSP Responder Service. Property Name: %1 New Value: %2
Event text (German):	A configuration entry has been changed in the OCSP response service. Property name: %1 New value: %2

Details of the event with ID 5124 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5124 (0x1404)
Event log:	Security
Event type:	Information
Event text (English):	A security setting was updated on OCSP Responder Service. New Value: %1
Event text (German):	A security setting has been updated for the OCSP response service. New value: %1

Details of the event with ID 5125 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5125 (0x1405)
Event log:	Security
Event type:	Information
Event text (English):	A request was submitted to OCSP Responder Service.
Event text (German):	A request is transmitted to the OCSP response service.

Details of the event with ID 5126 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	5126 (0x1406)
Event log:	Security
Event type:	Information
Event text (English):	Signing Certificate was automatically updated by the OCSP Responder Service. CA Configuration ID: %1 New Signing Certificate Hash: %2
Event text (German):	The signing certificate was automatically updated by the OCSP response service. Certification authority configuration ID: %1 New signature certificate hash: %2

Details of the event with ID 4899 of the source Microsoft-Windows-Security-Auditing

Event Source:	Microsoft Windows Security Auditing
Event ID:	4899 (0x1323)
Event log:	Security
Event type:	Information
Event text (English):	A Certificate Services template was updated. %1 v%2 (Schema V%3) %4 %5 Template Change Information: Old Template Content: %8 New Template Content: %7 Additional Information: Domain Controller: %6
Event text (German):	The certificate service template has been updated. %1 v%2 (Scheme V%3) %4 %5 Template information: Template content: %7 Security description: %8 Additional information: Domain Controller: %6