Event Source: | Microsoft-Windows-CertificationAuthority |
Event ID: | 90 (0x5A) |
Event log: | Application |
Event type: | Error |
Event text (English): | %1: Active Directory Certificate Services detected an exception at address %2. Flags = %3. The exception is %4. |
Event text (German): | %1: An exception was detected at address %2. Flag: %3. Exception: %4. |
Parameter
The parameters contained in the event text are filled with the following fields:
- %1: ExceptionLocation (win:UnicodeString)
- %2: ExceptionAddress (win:UnicodeString)
- %3: ExceptionFlags (win:UnicodeString)
- %4: ErrorCode (win:UnicodeString)
Example events
515.376.90: Active Directory Certificate Services detected an exception at address 0x0000000000000000. Flags = 0x00000000. The exception is The instruction referenced memory at 0x%p. The memory could not be %s. 0xc0000005 (NT: 0xc0000005 STATUS_ACCESS_VIOLATION).
Description
This event may occur if there is a problem with the communication with the hardware security module.
Safety assessment
The security assessment is based on the three dimensions of confidentiality, integrity and availability.
As a rule, the availability of the certification authority is affected because the certification authority service will usually stop working. Therefore, this event is to be rated as critical.
Microsoft rating
Microsoft evaluates this event in the Securing Public Key Infrastructure (PKI) Whitepaper with a severity score of "Low".
Related links:
- Overview of Windows events generated by the certification authority
- Overview of audit events generated by the Certification Authority
External sources
- Securing Public Key Infrastructure (PKI) (Microsoft)