Event Source: Microsoft-Windows-NetworkDeviceEnrollmentService
Event ID: 18 (0x12)
Event log: Application
Event type: Error
Symbolic Name: EVENT_MSCEP_FAIL_TO_DECRYPT_INNER
Event text (English): The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (%1). %2
Event text (German): The client's PKCS7 message (%1) cannot be decrypted by the network device registration service. %2
Parameters
The parameters contained in the event text are filled with the following fields:
- %1: ErrorCode (win:UnicodeString)
- %2: ErrorMessage (win:UnicodeString)
The Network Device Enrollment Service (NDES) provides a way for devices that do not have an identifier in Active Directory (for example, network devices such as routers, switches, printers, thin clients, or smartphones and tablets) to request certificates from a certification authority. For a more detailed description, see the article "Network Device Enrollment Service (NDES) Basics".
Example events
The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80070005).
The Network Device Enrollment Service could not decrypt the client's PKCS7 message (0x80090020). An internal error occurred.
The Network Device Enrollment Service cannot decrypt the client's PKCS7 message (0x80090005). Bad Data.
Description
Occurs when the Network Device Enrollment Service cannot decrypt the PKCS#7 message sent by the SCEP client.
Error code "Bad Data" (0x80090005)
This may be the case, for example, if the Registration Authority certificates were renewed recently and messages are still being encrypted with the key of the previous CEP Encryption certificate. This, in turn, can occur if, for example, certificate enrollment was performed with the SSCEP client and the Registration Authority certificates were not retrieved again.
See also the article "Requesting certificates via Network Device Enrollment Service (NDES) fails with HTTP error code 500".
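One way to check for the renewal scenario described above, as an added example that is not part of the original page: it lists event 18 entries and flags "Bad Data" failures that occurred after a CEP Encryption certificate on the NDES server became valid. Assumptions: the script runs elevated on the NDES server, the Registration Authority certificates are in the local machine's Personal store, and the 30-day look-back window is an arbitrary choice.

```powershell
# Added triage example, not from the original page. Run elevated on the NDES server.
# Assumption: 30-day look-back window (arbitrary value, adjust as needed).
$since = (Get-Date).AddDays(-30)

# Both NDES Registration Authority certificates carry the Certificate Request
# Agent EKU; the CEP Encryption certificate is the one whose key usage
# permits key encipherment.
$raEku  = '1.3.6.1.4.1.311.20.2.1'
$keyEnc = [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::KeyEncipherment
$cepCerts = @(Get-ChildItem Cert:\LocalMachine\My | Where-Object {
    $ku = $_.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension]
    }
    ($_.EnhancedKeyUsageList.ObjectId -contains $raEku) -and
        $ku -and $ku.KeyUsages.HasFlag($keyEnc)
})

$events = Get-WinEvent -FilterHashtable @{
    LogName      = 'Application'
    ProviderName = 'Microsoft-Windows-NetworkDeviceEnrollmentService'
    Id           = 18
    StartTime    = $since
} -ErrorAction SilentlyContinue

foreach ($e in $events) {
    $code = [string]$e.Properties[0].Value   # %1: ErrorCode
    $text = [string]$e.Properties[1].Value   # %2: ErrorMessage

    # A CEP Encryption certificate that became valid inside the window and
    # before the failure suggests the client still encrypts to the old key.
    $renewed = $cepCerts |
        Where-Object { $_.NotBefore -ge $since -and $_.NotBefore -le $e.TimeCreated } |
        Sort-Object NotBefore | Select-Object -Last 1

    [pscustomobject]@{
        TimeCreated       = $e.TimeCreated
        ErrorCode         = $code
        ErrorMessage      = $text.Trim()
        CepCertValidFrom  = if ($renewed) { $renewed.NotBefore } else { $null }
        LikelyStaleRaCert = ($code -match '80090005') -and [bool]$renewed
    }
}
```

Rows with LikelyStaleRaCert set to True are candidates for having the affected SCEP client retrieve the Registration Authority certificates again; the flag is a heuristic, not proof of the cause.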
Security assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
Availability may be affected, so this event should be monitored.