Re: Request for a user certificate Fails
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 31 Jan 2006 12:49:59 -0600
Did certutil -ping on the CA show that the CA is active? Anything in the
system/application logs of the CA that may indicate a problem? Is this a new
problem or have you never been able to request a certificate? Can an
administrator logon to the CA itself and request a user or administrator
certificate via the mmc snapin for certificates for user by going to the
personal folder and right clicking to select all tasks - request new
certificate? If not what is the error message? Your DNS needs to be
configured correctly in the domain and if it is not many problems can arise
so review the KB article below on Active Directory DNS and try running the
support tool netdiag on the CA and a client domain computer where
certificate request fails looking for problems for DNS, dc discovery,
Kerberos, or trust/secure channel. The CA computer also needs to be trusted
for delegation in it's computer account properties in Active Directory Users
and Computer. --- Steve
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382
"Craig Chin" <CraigChin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A2BB3E8C-BCF1-4112-8487-6802C5230F8A@xxxxxxxxxxxxxxxx
> Web Enrollment Fails, whether user or advanced but i can download a
> certificate to my machine but the error occurs in any other case.
>
> "Steven L Umbach" wrote:
>
>> Does this happen for just one user or every user on every domain
>> computer?
>> Can any certificate be requested [computer or user] from the CA? Can you
>> logon to the CA as an administrator and request/receive a user
>> certificate
>> for yourself? You may also try Web enrollment if you have not yet. Check
>> the
>> logs via Event Viewer on the client computer and the CA to see if
>> anything
>> relevant is reported and run the command certutil -ping on the CA to see
>> if
>> it reports that CA is alive if no certificates of any kind can be
>> equested. --- Steve
>>
>>
>> "Craig Chin" <CraigChin@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:DE005E2B-FE6D-41D7-B7D7-3A4526E6D50F@xxxxxxxxxxxxxxxx
>> > When Requesting a User Certificate from my Enterprise Root CA it fails
>> > with
>> > the Error Below
>> >
>> > Request Mode:
>> > newreq - New Request
>> > Disposition:
>> > FFFFFFFF - (unknown)
>> > Disposition message:
>> > (none)
>> > Result:
>> > The binding handle is invalid. 0x800706a6 (WIN32: 1702)
>> > COM Error Info:
>> > CCertRequest::Submit The binding handle is invalid. 0x800706a6 (WIN32:
>> > 1702)
>> > LastStatus:
>> > The operation completed successfully. 0x0 (0)
>> > Suggested Cause:
>> > No suggestions.
>> >
>> >
>> >
>>
>>
>>
.
- References:
- Re: Request for a user certificate Fails
- From: Steven L Umbach
- Re: Request for a user certificate Fails
- Prev by Date: Re: Request for a user certificate Fails
- Previous by thread: Re: Request for a user certificate Fails
- Next by thread: Re: Can not backup Certificate server
- Index(es):
Relevant Pages
|
|
