Details of the event with ID 18 of the source Microsoft-Windows-NetworkDeviceEnrollmentService

Event Source: Microsoft-Windows-NetworkDeviceEnrollmentService
Event ID: 18 (0x12)
Event log: Application
Event type: Error
Symbolic Name: EVENT_MSCEP_FAIL_TO_DECRYPT_INNER
Event text (English): The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (%1). %2
Event text (German): The client's PKCS7 message (%1) cannot be decrypted by the network device registration service. %2

Parameters

The parameters contained in the event text are filled with the following fields:

  • %1: ErrorCode (win:UnicodeString)
  • %2: ErrorMessage (win:UnicodeString)

The Network Device Enrollment Service (NDES) provides a way for devices that do not have an identifier in Active Directory (for example, network devices such as routers, switches, printers, thin clients, or smartphones and tablets) to request certificates from a certification authority. For a more detailed description, see the article "Network Device Enrollment Service (NDES) Basics".

Example events

The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80070005).
The Network Device Enrollment Service could not decrypt the client's PKCS7 message (0x80090020).  An internal error occurred.
The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80090005).  Bad Data.

Description

Occurs when the PKCS#7 message sent by the SCEP client to the Network Device Enrollment Service cannot be decrypted.

Error code "Bad Data" (0x80090005)

This may be the case, for example, if the Registration Authority certificates were renewed recently and messages are still being encrypted with the key of the previous CEP Encryption certificate. This in turn can happen if, for example, the certificate enrollment was performed with the SSCEP client and the Registration Authority certificates were not retrieved again.

See also the article "Requesting certificates via Network Device Enrollment Service (NDES) fails with HTTP error code 500".

Security assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

Availability may be affected, so this event should be taken into consideration.
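
For monitoring, the following added example (not part of the original article) parses exported event 18 message texts, counts failures per error code, and flags the "Bad Data" case described above. The function names and the result keys are assumptions made for this illustration; the sample input is constructed from the example events on this page.

```python
import re
from collections import Counter

# Event 18 text: "... PKCS7 message (%1). %2" with %1 = ErrorCode, %2 = ErrorMessage.
# The examples on this page use both "cannot" and "could not", and %2 may be empty.
EVENT_18 = re.compile(
    r"The Network Device Enrollment Service (?:cannot|could not) decrypt "
    r"the client's PKCS7 message \((0x[0-9A-Fa-f]{8})\)\.\s*(.*)$",
    re.DOTALL,
)

# The only cause this page documents: "Bad Data" after an RA certificate renewal.
BAD_DATA = 0x80090005


def parse_event_18(message):
    """Return {'code': int, 'text': str} for an event 18 message, else None."""
    match = EVENT_18.match(message.strip())
    if match is None:
        return None
    return {"code": int(match.group(1), 16), "text": match.group(2).strip()}


def triage(messages):
    """Count failures per error code and flag the documented Bad Data case."""
    counts = Counter()
    unparsed = 0
    for message in messages:
        event = parse_event_18(message)
        if event is None:
            unparsed += 1  # not an event 18 message; keep it visible in the result
            continue
        counts[event["code"]] += 1
    return {
        "by_code": {f"0x{code:08X}": n for code, n in counts.items()},
        # Clients may still be encrypting to the previous CEP Encryption certificate.
        "stale_ra_cert_suspected": counts[BAD_DATA] > 0,
        "unparsed": unparsed,
    }


# Constructed sample input: the three example events from this page plus one unrelated line.
SAMPLE = [
    "The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80070005).",
    "The Network Device Enrollment Service could not decrypt the client's PKCS7 message (0x80090020).  An internal error occurred.",
    "The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80090005).  Bad Data.",
    "Some unrelated Application log entry.",
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

If `stale_ra_cert_suspected` is set, the affected SCEP clients should retrieve the Registration Authority certificates again before retrying enrollment.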
