I am running a root Enterprise CA by itself on a machine that is not also a domain controller on Windows 2008. I am getting the following errors:
EventID 87 (CertificationAuthority)
Active Directory Certificate Services could not use the default provider for encryption keys. Keyset does not exist 0x80090016 (-2146893802)
EventID 86 (CertificationAuthority)
Active Directory Certificate Services could not use the provider specified in the registry for encryption keys. Keyset does not exist 0x80090016 (-2146893802)
Everything else seems to be working correctly - I'm not sure what effect these errors are having...
I'm also getting errors when I drill down Roles -> AD CS -> Enterprise PKI -> <CAname>:
AIA Location #2 Unable To Download
CDP Location #2 Unable To Download
Last week, I performed an in-place upgrade of the OS hosting my CA from 2003 to 2008 and everything seemed good. I tried to reduce the lifespan of the certificate from 10 years to 7 years using a CAPolicy.inf and was unsuccessful. I ended up renewing the root certificate several times in the process; once choosing to generate a new key. I don't know if any of this has anything to do with it, but I figured I'd mention it.
Thanks in advance for any assistance.
EventID 87 (CertificationAuthority)
Active Directory Certificate Services could not use the default provider for encryption keys. Keyset does not exist 0x80090016 (-2146893802)
EventID 86 (CertificationAuthority)
Active Directory Certificate Services could not use the provider specified in the registry for encryption keys. Keyset does not exist 0x80090016 (-2146893802)
Everything else seems to be working correctly - I'm not sure what effect these errors are having...
I'm also getting errors when I drill down Roles -> AD CS -> Enterprise PKI -> <CAname>:
AIA Location #2 Unable To Download
CDP Location #2 Unable To Download
Last week, I performed an in-place upgrade of the OS hosting my CA from 2003 to 2008 and everything seemed good. I tried to reduce the lifespan of the certificate from 10 years to 7 years using a CAPolicy.inf and was unsuccessful. I ended up renewing the root certificate several times in the process; once choosing to generate a new key. I don't know if any of this has anything to do with it, but I figured I'd mention it.
Thanks in advance for any assistance.