Certificate request fails with error message "0x800b0101 (-2146762495 CERT_E_EXPIRED)".

Author Uwe GradeneggerPosted on Categories Troubleshooting, Certification Authority

Assume the following scenario:

  • A user requests a certificate from an Active Directory integrated certification authority (Enterprise Certification Authority)
  • The certificate request fails with the following error message.
Certificate not issued (Denied) Error Parsing Request A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495 CERT_E_EXPIRED)

The failed request is logged on the certificate authority.

When trying to make a certificate request from the certificate management console (certlm.msc for the computer account, certmgr.msc for the user account), the certificate template is not available for selection, but is hidden. If you show all certificate templates, a corresponding error message is displayed.

A required certificate is not within its validity period when verifying against the current sysem clock or the timestamp in the signed file.
A calid certification authority (CA) configured to issue certificates based on this template cannot be located, or the CA does not support this opration, or the CA is not trusted

Solution

Quite obviously, the certification authority certificate has expired. A new certificate request for the certification authority certificate must be made and signed before the certification authority can issue certificates again.

Related links:

2 thoughts on “Die Beantragung eines Zertifikats schlägt fehl mit Fehlermeldung „0x800b0101 (-2146762495 CERT_E_EXPIRED)“”

  1. Pingback: What impact does the expiration of one of the Certification Authority certificates have on the Certification Authority? - Uwe Gradenegger
  2. Pingback: Performing a functional test for a Certification Authority - Uwe Gradenegger

Comments are closed.

en_USEnglish
de_DEDeutsch en_USEnglish