Re: SSLinstall problem

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/07/05 

Date: Sun, 6 Feb 2005 18:50:17 -0600

Ignore the parts in the link about publishing to ISA server. The parts about
installing the CA, a stand alone in this case, are pretty good step by step
guide. --- Steve

"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:eu$6v0KDFHA.3596@TK2MSFTNGP12.phx.gbl...
> You error message seems to indicate there may already be a Certificate
> Authority but the CA certificate is not published in Active Directory. If
> you try to install a CA on a non domain computer make sure you are trying
> to install a "stand alone" root CA as Enterprise CA can only be installed
> on a domain member computer. Your post indicates that you are trying to
> install a ssl certificate. Just keep in mind that an internal CA
> certificate would only be useful for ssl sessions to a web server from
> your network computers or others that trusted your CA. If you are trying
> to install a CA on a domain computer double check that the domain computer
> is using ONLY Active Directory domain controllers running dns with the
> domain zone as it's preferred dns servers and that it can ping them by
> name and fully qualified domain. The link below may help on steps to
> install a CA. --- Steve
>
> http://www.isaserver.org/img/upl/vpnkitbeta2/pubwebenroll.htm
>
> "Armen Kirakosyan" <armen@kirakosyan.com> wrote in message
> news:%239rfkhDDFHA.520@TK2MSFTNGP09.phx.gbl...
>> HI
>> thanks
>> but there was nothing in netdiag
>> I have checke DNS server
>> there was no error too :-(
>> please note that sometimes there is another error: 1214, about the format
>> of the specified network name is invalid
>> but I just type name in CN section.
>>
>> There is an error in Event Log
>>
>> Event Type: Warning
>> Event Source: CertSvc
>> Event Category: None
>> Description:
>> Certificate Services temporarily added the root certificate of
>> certificate chain 0 to the downloaded Enterprise Root store. If this
>> problem persists, publishing the root certificate to the Active Directory
>> may be necessary.
>>
>> :-(
>> end nothing else
>>
>>
>>
>>
>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
>> news:uQpCeMpCFHA.3908@TK2MSFTNGP15.phx.gbl...
>>>I would not use the name of the server but pick a different but relevant
>>>name for the CA. The Preview of distinguished name is showing what the
>>>distinguished name will be based on the info you entered and that is how
>>>Active Directory and ldap refer to computer objects.
>>>
>>> My guess is you have a network connectivity or dns problem with the
>>> domain computers. Look in Event Viewer for any pertinent clues and run
>>> the support tool netdiag on the domain controller and the domain server
>>> where you are trying to install the CA and also run dcdiag on the domain
>>> controller. Any failed tests or errors can give you a clue as to what
>>> problems exist that need to be fixed. See the link below on how dns must
>>> be configured in an Active Directory domain. If you tried to install the
>>> root CA on a non domain server there should not be a problem with
>>> network path as dns is not relevant in that case since the computer does
>>> not need to contact a domain controller. --- Steve
>>>
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;321708 ---
>>> netdiag and how to install support tools.
>>> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382 --
>>> AD dns FAQ.
>>>
>>> "Armen Kirakosyan" <armen@kirakosyan.com> wrote in message
>>> news:u$dMItoCFHA.1260@TK2MSFTNGP12.phx.gbl...
>>>> hi
>>>> I have a small trouble with installing Certificate Services on my
>>>> Windows 2003 server
>>>> I have tried with Domain controler and Stand alone server
>>>> the problem is the same
>>>> After chousing in installation options CA type
>>>> Enterprise root CA or Stand-alone root CA
>>>> I am asked for
>>>> Common name for this CA
>>>> and
>>>> Preview of distinguished name
>>>> In the first line I type server name f.e. SERVER1
>>>> And after installatiion start
>>>> there is an error that Windows cannot find the network path (Win32; 51)
>>>> can you help me?
>>>> and please what does it mean? (Preview of distinguished name)
>>>>
>>>> Thank you
>>>>
>>>
>>>
>>
>>
>
>

Relevant Pages

  • Re: New Event Log Errors!
    ... Somehow along those lines I'd also installed the Certificate Authority ... Did you apply the last Server Pack for SBS Server? ... Please install Windows Support Tools on the win2k3 sp1 problematic ... Microsoft is providing this information only as a convenience to you: ...
    (microsoft.public.windows.server.sbs)
  • Re: Adding EXCH2007 SP1 box to existing EXCH2003 SP2 Org
    ... Certificates - going to be using a SAN Certificate like I have many times before. ... We are making this a virtual server (someone is going on-site on Thursday to install VMWare (which will kill everything on this box) and WIN2008 Server SP1 x64 and then I will install EXCH2007 SP1. ... as mentioned - ISA was not involved in any of those eight environments.... ...
    (microsoft.public.exchange.admin)
  • Re: Terminal Services over a VPN
    ... Create a certificate request and submit it to godaddy in order to obtain a public cert. ... You can use the wizard in IIS Manager for this by creating a new website that matches the above name (on your TS server), right-click and choose properties, directory security tab, server certificate button. ... After the install you can stop or delete the website created above since you don't need it for anything. ...
    (microsoft.public.windows.terminal_services)
  • Re: Outlook RPC over HTTp deosnt work
    ... Go to remote web workplace (or Outlook Web Access), accept the certificate prompt, 'view', and 'install' the certificate - accepting all the defaults. ... > when you try to use RPC over HTTP to connect the Exchange Server. ...
    (microsoft.public.windows.server.sbs)
  • Re: windows mobile 6
    ... I installed a GoDaddy certificate on the sbs server with no problem. ... The problem is that the certificate is a .crt file and my WM6 device doesnt recognise this file extention. ... The question is how do i install the certificate. ... When a computer uses RWW it downloads the certificate automatically from the server, why doesnt WM6 do the same? ...
    (microsoft.public.windows.server.sbs)