Details of the event with ID 7 of the source Microsoft-Windows-EnrollmentWebService

Event Source:	Microsoft Windows EnrollmentWebService
Event ID:	7 (0x7)
Event log:	Microsoft-Windows-EnrollmentWebService/Admin
Event type:	Error
Event text (English):	The Certificate Enrollment Web Service is attempting to use renewal-only mode, but certification authority (CA) "%1" does not support this mode. To use renewal-only mode, configure the Certificate Enrollment Web Service to use a CA that is installed on a computer that is running at least Windows Server 2008 R2. Then, configure the CA by running the following command on the CA: certutil -setreg policy\editflags +EDITF_ENABLERENEWONBEHALFOF. Otherwise, disable renewal-only mode. If no action is taken, subsequent requests will be rejected.
Event text (German):	The certificate enrollment web service tries to use the renewals-only mode. However, this mode is not supported by the "%1" certificate authority. If you want to use renewals-only mode, configure the Certificate Enrollment Web Service to use a certificate authority that is installed on a computer running Windows Server 2008 R2 or later, and then configure the certificate authority itself by running the certutil -setreg policy\editflags +EDITF_ENABLERENEWONBEHALFOF command. Otherwise, disable the renewals-only mode. If no action is taken, future requests are denied.

Parameter

The parameters contained in the event text are filled with the following fields:

• %1: CAConfig (win:UnicodeString)

The Certificate Enrollment Web Services (Certificate Enrollment Policy Web Service, CEP, and Certificate Enrollment Web Service, CES) enable the automatic request and renewal of certificates from a certification authority via a Web-based interface. This eliminates the need to contact the certification authority directly via Remote Procedure Call (RPC). For a more detailed description, see the article "Certificate request basics via Certificate Enrollment Web Services (CEP, CES)„.

Description

No description has been written for this yet.

Safety assessment

The security assessment is based on the three dimensions of confidentiality, integrity and availability.

No description has been written for this yet.

Related links:

• Overview of Windows events generated by the Certificate Enrollment Web Service (CES).

External sources

• Certificate Enrollment Web Services in Active Directory Certificate Services (Microsoft)