| Event Source: | Microsoft-Windows-CertificateServicesClient-AutoEnrollment |
| Event ID: | 64 (0x80000040) |
| Event log: | Application |
| Event type: | Warning |
| Event text (English): | Certificate for %1 with Thumbprint %2 is about to expire or already expired. |
| Event text (German): | Certificate for %1 with fingerprint %2 will soon be invalid or is already invalid. |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: Context (win:UnicodeString)
- %2: ObjId (win:UnicodeString)
Example events
Certificate for local System with Thumbprint 5f ad eb 99 40 bd 73 d2 5c f0 c2 c3 26 4d 94 38 d3 2f 46 21 is about to expire or already expired.
Description
The event is triggered when the certificate is about to expire (or has expired) according to the time interval configured in the Autoenrollment group policy.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
If a certificate is renewed by the autoenrollment process, the renewed certificate is provided with the aerchivbit, so no such message should be issued for renewed certificates.
An alert can therefore be quite useful to detect and prevent an impending certificate expiration and thus a potential failure of the associated application.
English 
Deutsch
One thought on “Details zum Ereignis mit ID 64 der Quelle Microsoft-Windows-CertificateServicesClient-AutoEnrollment”
Comments are closed.