Certificate Services fails to start
From: Benkman (Benkman_at_discussions.microsoft.com)
Date: Sun, 21 Nov 2004 17:35:12 -0800
I have a Windows 2000 (SP4) Standalone Root CA running Certificate Services.
Key storage is in an nCipher nShield F2 HSM using the nCipher enahnced CSP.
Certificate Services was starting but when I last booted up the Root CA and
loaded the keys into HSM Certificate Services failed to start with the
The description for Event ID ( 42 ) in Source ( CertSvc ) and Support for
details. The following information is part of the event: xxxxxCA, A
certificate chain processed correctly, but terminated in a root certificate
which is not trusted by the trust provider. 0x800b0109 (-2146762487), 0.
Certsvc EventID: 7024
The Certificate Services service terminated with service-specific error
I see article 822626 refers to these errors but in this case certificate
sevices still does not start.
The Root CA has a 4096-bit key and I'm thinking that this error could be
related to a timeout issue accessing the key within HSM.
Has anyone experienced similar problems like this? Can anyone describe the
detail of the Validation process for the Root CA?