I have a couple of Windows 2003 R2 SP2 servers hosting several instances of ADAM. I am using certreq to generate the certificate requests for these servers so I can use SSL in connecting to ADAM but I am getting an error. This is the request.inf I am using (pretty much straight from an MS article...) to generate the request...
;----------------- request.inf -----------------
[Version]
Signature="$Windows NT$
[NewRequest]
Subject = "CN=servername.childdomain.rootdomain.com" ; replace with the FQDN of the DC
KeySpec = 1
KeyLength = 1024
; Can be 1024, 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
;-----------------------------------------------
I am using this command.... certreq -new request.inf request.req
After hitting enter, it sits there for about 10 seconds and gives me this error back...
Certificate Request Processor: Access is denied. 0x80070005 (WIN32: 5)
[RequestAttributes]
I have searched on this error and have not found much of anything on it. This process seems to work fine on other servers that I have, but these two servers both generate this error. Both servers are clean builds and only have ADAM installed on them. I am a local admin on both servers so it doesn't appear that there should be any permission issues as implied by the error message.
Anyone have any ideas?
Thanks!