Results 1 to 4 of 4

Thread: Error issuing certificates from WS03 cert svc

  1. #1
    Join Date
    Oct 2005
    Posts
    81

    Error issuing certificates from WS03 cert svc

    I have some problem issuing certificates from Windows Server 2003 to the subordinate issues CA. It is actuallu rejecting requests by giving a warning in the log file with Event ID: 53, Source: CerSvc telling that "Certificate Services denied request 932 because: The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613). The request was for some specific cert subject info. Additional information: Error Constructing or Publishing Certificate". Is there anyone who can tell me how to solve this issue?

  2. #2
    Join Date
    Sep 2005
    Posts
    1,370

    Re: Error issuing certificates from WS03 cert svc

    I think that the issue happend after the removal of the revoked certificates. When you removed the certificates, then you will get the message that you are unable to determine the revocation information. After if you use the certutil -verify -urlfetch then try to do it against a leaf or end entity certifcate. What happens when you check the PKiView.msc, what does it show?

  3. #3
    Join Date
    Oct 2005
    Posts
    81

    Re: Error issuing certificates from WS03 cert svc

    When I checked PKIView then it shows that the CDP and AIA values are valid through the entire hierarchy. I have also tried to install an different issuing CA by keeping the same configuration like the previous one and this new CA is not having any issues and can also issue end entity certificates. But after when I revoked the CA certs then there was no change and I am still getting the same error on this original CA. So, I dont understand what is going on here and from where exactly the problem is coming.

  4. #4
    Join Date
    Sep 2005
    Posts
    1,370

    Re: Error issuing certificates from WS03 cert svc

    I think that PKIView usually gets the information by validating the most up-to-date CA Exchange certificate and from there I think that this error generally happens because extensions in the CA cert or other CA certs in the chain limit the Enhanced Key Usage / Application Policies the CA is allowed to issue.

Similar Threads

  1. Had some trouble with Godaddy Cert.
    By happyhacker in forum Small Business Server
    Replies: 2
    Last Post: 29-04-2012, 01:13 PM
  2. Failure to sync to OWA getting error on SSL Certificates
    By UTTIYA in forum Portable Devices
    Replies: 4
    Last Post: 13-02-2011, 07:18 PM
  3. Replies: 3
    Last Post: 28-06-2010, 05:37 PM
  4. SSL OWA Cert Issue
    By FASSET in forum Operating Systems
    Replies: 2
    Last Post: 22-10-2008, 11:52 AM
  5. Replies: 2
    Last Post: 15-05-2007, 08:11 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,711,710,498.75914 seconds with 17 queries