Microsoft-Windows-CertificationAuthority

355 events across 2 channels

Event ID	Title	Channel
5		Operational
5	Active Directory Certificate Services could not find required registry …	Application
6		Operational
6	Active Directory Certificate Services issued a certificate for request %1 for …	Application
7		Operational
7	Active Directory Certificate Services denied request %1 because %2.	Application
8		Operational
8	Active Directory Certificate Services left request %1 pending in the queue for …	Application
9		Operational
9	The Active Directory Certificate Services did not start: Unable to load an …	Application
10		Operational
10	Active Directory Certificate Services were unable to build a new certificate or …	Application
15		Operational
15	Active Directory Certificate Services did not start: Version does not match …	Application
16		Operational
16	Active Directory Certificate Services did not start: Unable to initialize OLE.	Application
17		Operational
17	Active Directory Certificate Services did not start: Unable to initialize the …	Application
19		Operational
19	Active Directory Certificate Services did not start: The Subject Name Template …	Application
20		Operational
20	Active Directory Certificate Services did not start: The Certificate Date …	Application
21		Operational
21	Active Directory Certificate Services could not process request %1 due to an …	Application
22		Operational
22	Active Directory Certificate Services could not process request %1 due to an …	Application
23		Operational
23	Active Directory Certificate Services could not process request %1 due to an …	Application
25		Operational
25	Active Directory Certificate Services revoked the certificate for request %1 for …	Application
26		Operational
26	Active Directory Certificate Services for %1 was started.	Application
27		Operational
27	Active Directory Certificate Services did not start: Hierarchical setup is …	Application
33		Operational
33	Active Directory Certificate Services did not start: Could not create the …	Application
34		Operational
34	Active Directory Certificate Services did not start: Could not initialize RPC …	Application
35		Operational
35	Active Directory Certificate Services did not start: Could not initialize OLE …	Application
38		Operational
38	Active Directory Certificate Services for %1 was stopped.	Application
39		Operational
39	Active Directory Certificate Services did not start: The Certification Authority …	Application
40		Operational
40	Active Directory Certificate Services did not start: Could not initialize DCOM …	Application
42		Operational
42	Could not build a certificate chain for CA certificate %3 for %1.	Application
43		Operational
43	The ".	Application
44		Operational
44	The ".	Application
45		Operational
45	The ".	Application
46		Operational
46	The ".	Application
48		Operational
48	Revocation status for a certificate in the chain for CA certificate %3 for %1 …	Application
49		Operational
49	A certificate in the chain for CA certificate %3 for %1 could not be verified …	Application
51		Operational
51	A certificate in the chain for CA certificate %3 for %1 has been revoked.	Application
52		Operational
52	Active Directory Certificate Services issued a certificate for request %1 for …	Application
53		Operational
53	Active Directory Certificate Services denied request %1 because %2.	Application
54		Operational
54	Active Directory Certificate Services left request %1 pending in the queue for …	Application
56		Operational
56	Active Directory Certificate Services denied request %1.	Application
57		Operational
57	Active Directory Certificate Services denied request %1.	Application
58		Operational
58	A certificate in the chain for CA certificate %3 for %1 has expired.	Application
59		Operational
59	Active Directory Certificate Services did not start: Could not connect to the …	Application
60		Operational
60	Active Directory Certificate Services refused to process an extremely long …	Application
62		Operational
62	Active Directory Certificate Services had problems loading valid CRL publication …	Application
63		Operational
63	Active Directory Certificate Services did not start: %1 %2.	Application
64		Operational
64	Active Directory Certificate Services cannot publish enrollment access changes …	Application
65		Operational
65	Active Directory Certificate Services could not publish a Base CRL for key %1 to …	Application
66		Operational
66	Active Directory Certificate Services could not publish a Delta CRL for key %1 …	Application
67		Operational
67	Active Directory Certificate Services made %1 attempts to publish a CRL and will …	Application
68		Operational
68	Active Directory Certificate Services successfully published Base CRL(s).	Application
69		Operational
69	Active Directory Certificate Services successfully published Delta CRL(s).	Application
70		Operational
70	Active Directory Certificate Services successfully published Base and Delta …	Application
71		Operational
71	Active Directory Certificate Services successfully published Base CRL(s) to …	Application
72		Operational
72	Active Directory Certificate Services successfully published Delta CRL(s) to …	Application
73		Operational
73	Active Directory Certificate Services successfully published Base and Delta …	Application
74		Operational
74	Active Directory Certificate Services could not publish a Base CRL for key %1 to …	Application
75		Operational
75	Active Directory Certificate Services could not publish a Delta CRL for key %1 …	Application
76		Operational
76	The ".	Application
77		Operational
77	The ".	Application
78		Operational
78	The ".	Application
79		Operational
79	Active Directory Certificate Services could not publish a Certificate for …	Application
80		Operational
80	Active Directory Certificate Services could not publish a Certificate for …	Application
81		Operational
81	Active Directory Certificate Services key archival is only supported on Advanced …	Application
82		Operational
82	Active Directory Certificate Services could only verify %1 of %2 key recovery …	Application
83		Operational
83	Active Directory Certificate Services encountered an error loading key recovery …	Application
84		Operational
84	Active Directory Certificate Services will not use key recovery certificate %1 …	Application
85		Operational
85	Active Directory Certificate Services ignored key recovery certificate %1 …	Application
86		Operational
86	Active Directory Certificate Services could not use the provider specified in …	Application
87		Operational
87	Active Directory Certificate Services could not use the default provider for …	Application
88		Operational
88	Active Directory Certificate Services switched to the default provider for …	Application
90		Operational
90	%1: Active Directory Certificate Services detected an exception at address %2.	Application
91		Operational
91	Could not connect to the Active Directory.	Application
92		Operational
92	Active Directory Certificate Services could not update security permissions.	Application
93		Operational
93	The certificate (#%1) of Active Directory Certificate Services %2 does not exist …	Application
94	Active Directory Certificate Services %1 can not open the certificate store at …	Application
94		Operational
95	Security permissions are corrupted or missing.	Application
95		Operational
96	Active Directory Certificate Services could not create an encryption …	Application
96		Operational
97	Active Directory Certificate Services %1 will reduce the maximum lifetime of the …	Application
97		Operational
98	Active Directory Certificate Services encountered errors validating configured …	Application
98		Operational
99	Active Directory Certificate Services could not create cross certificate %1 to …	Application
99		Operational
100		Operational
100	Active Directory Certificate Services did not start: Could not load or verify …	Application
101		Operational
101	Active Directory Certificate Services created CA cross certificate %2 for %1.	Application
102		Operational
102	Active Directory Certificate Services could not create cross certificate %1 to …	Application
103		Operational
103	Active Directory Certificate Services added the root certificate of certificate …	Application
104		Operational
104	Active Directory Certificate Services published certificate %1 to %2.	Application
105		Operational
105	Active Directory Certificate Services deleted invalid certificate %1 from %2.	Application
106		Operational
106	Active Directory Certificate Services cannot add certificate %1 to %2.	Application
107		Operational
107	Active Directory Certificate Services cannot delete invalid certificate %1 from …	Application
108		Operational
108	Active Directory Certificate Services could not delete a Certificate for request …	Application
109		Operational
109	Active Directory Certificate Services could not delete a Certificate for request …	Application
110		Operational
110	Active Directory Certificate Services could not initialize the performance …	Application
111		Operational
111	Active Directory Certificate Services upgrade failed because the upgrade path …	Application
112		Operational
112	Active Directory Certificate Services upgrade failed because information …	Application
113		Operational
113	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
114		Operational
114	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
115		Operational
115	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
116		Operational
116	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
117		Operational
117	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
118		Operational
118	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
121		Operational
121	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
122		Operational
122	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
123		Operational
123	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Application
124		Operational
124	Active Directory Certificate Services upgrade succeeded.	Application
125		Operational
125	Active Directory Certificate Services upgrade failed.	Application
126		Operational
126	Current information about advanced features supported by this Certification …	Application
127		Operational
127	Key recovery certificate %1 is about to expire soon and will not be used upon …	Application
128		Operational
128	An Authority Key Identifier was passed as part of the certificate request %1.	Application
129		Operational
129	An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration …	Application
130		Operational
130	Active Directory Certificate Services could not create a certificate revocation …	Application
131		Operational
131	An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL …	Application
132		Operational
132	The certification authority (CA) was unable to perform a decryption operation.	Application
133		Operational
133	The certification authority (CA) failed to encode a server extension required to …	Application
134		Operational
134	A certificate in the chain for CA certificate %3 for %1 has expired.	Application
135		Operational
135	Active Directory Certificate Services successfully created dummy key pair …	Application
136		Operational
136	Active Directory Certificate Services could not create dummy key pair required …	Application
138		Operational
138	Active Directory Certificate Services did not start: Unable to initialize OLE …	Application
139		Operational
139	Active Directory Certificate Services did not start: The registry value …	Application
140		Operational
140	Active Directory Certificate Services did not start: The registry value …	Application
141		Operational
141	Active Directory Certificate Services did not start: LDAP URLs should not be …	Application
142		Operational
142	Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be …	Application
143		Operational
143	Active Directory Certificate Services did not start: At least one of the URLs …	Application
144		Operational
144	Active Directory Certificate Services did not start: The current configuration …	Application
145		Operational
145	The Subject Key Identifier (SKI) computed by the certification authority (CA) …	Application
146		Operational
146	Active Directory Certificate Services did not start: The registry value …	Application
1113194502	Active Directory Certificate Services issued a certificate for request …	Operational
1113194504	Active Directory Certificate Services left request {RequestId} pending in the …	Operational
1113194521	Active Directory Certificate Services revoked the certificate for request …	Operational
1113194522	Active Directory Certificate Services for {CACommonName} was started.	Operational
1113194525	Active Directory Certificate Services issued a new Certificate Revocation List …	Operational
1113194534	Active Directory Certificate Services for {CACommonName} was stopped.	Operational
1113194548	Active Directory Certificate Services issued a certificate for request …	Operational
1113194550	Active Directory Certificate Services left request {RequestId} pending in the …	Operational
1113194551	Active Directory Certificate Services unrevoked the certificate for request …	Operational
1113194552	Active Directory Certificate Services denied request {RequestId}.	Operational
1113194553	Active Directory Certificate Services denied request {RequestId}.	Operational
1113194564	Active Directory Certificate Services successfully published Base CRL(s).	Operational
1113194565	Active Directory Certificate Services successfully published Delta CRL(s).	Operational
1113194566	Active Directory Certificate Services successfully published Base and Delta …	Operational
1113194567	Active Directory Certificate Services successfully published Base CRL(s) to …	Operational
1113194568	Active Directory Certificate Services successfully published Delta CRL(s) to …	Operational
1113194569	Active Directory Certificate Services successfully published Base and Delta …	Operational
1113194572	The '.	Operational
1113194597	Active Directory Certificate Services created CA cross certificate {Version} for …	Operational
1113194620	Active Directory Certificate Services upgrade succeeded.	Operational
2186805251	Request failed.	Operational
2186936327	Active Directory Certificate Services denied request {RequestId} because …	Operational
2186936368	Revocation status for a certificate in the chain for CA certificate …	Operational
2186936369	A certificate in the chain for CA certificate {CACertIdentifier} for …	Operational
2186936373	Active Directory Certificate Services denied request {RequestId} because …	Operational
2186936382	Active Directory Certificate Services had problems loading valid CRL publication …	Operational
2186936397	The '.	Operational
2186936399	Active Directory Certificate Services could not publish a Certificate for …	Operational
2186936400	Active Directory Certificate Services could not publish a Certificate for …	Operational
2186936406	Active Directory Certificate Services could not use the provider specified in …	Operational
2186936408	Active Directory Certificate Services switched to the default provider for …	Operational
2186936413	The certificate (#{CACertIdentifier}) of Active Directory Certificate Services …	Operational
2186936414	Active Directory Certificate Services {CACommonName} can not open the …	Operational
2186936417	Active Directory Certificate Services {CACommonName} will reduce the maximum …	Operational
2186936423	Active Directory Certificate Services added the root certificate of certificate …	Operational
2186936424	Active Directory Certificate Services published certificate {CACertIdentifier} …	Operational
2186936425	Active Directory Certificate Services deleted invalid certificate …	Operational
2186936428	Active Directory Certificate Services could not delete a Certificate for request …	Operational
2186936429	Active Directory Certificate Services could not delete a Certificate for request …	Operational
2186936430	Active Directory Certificate Services could not initialize the performance …	Operational
2186936433	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936434	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936435	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936436	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936437	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936438	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936439	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936440	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936441	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936442	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936443	A portion of the Active Directory Certificate Services upgrade failed: Could not …	Operational
2186936447	Key recovery certificate {KRACertIndex} is about to expire soon and will not be …	Operational
2186936448	An Authority Key Identifier was passed as part of the certificate request …	Operational
2186936449	An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration …	Operational
2186936451	An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL …	Operational
3260678149	Active Directory Certificate Services could not find required registry …	Operational
3260678153	The Active Directory Certificate Services did not start: Unable to load an …	Operational
3260678154	Active Directory Certificate Services were unable to build a new certificate or …	Operational
3260678159	Active Directory Certificate Services did not start: Version does not match …	Operational
3260678160	Active Directory Certificate Services did not start: Unable to initialize OLE: …	Operational
3260678161	Active Directory Certificate Services did not start: Unable to initialize the …	Operational
3260678163	Active Directory Certificate Services did not start: The Subject Name Template …	Operational
3260678164	Active Directory Certificate Services did not start: The Certificate Date …	Operational
3260678165	Active Directory Certificate Services could not process request {RequestId} due …	Operational
3260678166	Active Directory Certificate Services could not process request {RequestId} due …	Operational
3260678167	Active Directory Certificate Services could not process request {RequestId} due …	Operational
3260678171	Active Directory Certificate Services did not start: Hierarchical setup is …	Operational
3260678172	Active Directory Certificate Services did not start: The Certificate Revocation …	Operational
3260678177	Active Directory Certificate Services did not start: Could not create the …	Operational
3260678178	Active Directory Certificate Services did not start: Could not initialize RPC …	Operational
3260678179	Active Directory Certificate Services did not start: Could not initialize OLE …	Operational
3260678183	Active Directory Certificate Services did not start: The Certification Authority …	Operational
3260678184	Active Directory Certificate Services did not start: Could not initialize DCOM …	Operational
3260678185	Active Directory Certificate Services did not start: Could not initialize DCOM …	Operational
3260678186	Could not build a certificate chain for CA certificate {CACertIdentifier} for …	Operational
3260678187	The '.	Operational
3260678188	The '.	Operational
3260678189	The '.	Operational
3260678190	The '.	Operational
3260678195	A certificate in the chain for CA certificate {CACertIdentifier} for …	Operational
3260678202	A certificate in the chain for CA certificate {CACertIdentifier} for …	Operational
3260678203	Active Directory Certificate Services did not start: Could not connect to the …	Operational
3260678204	Active Directory Certificate Services refused to process an extremely long …	Operational
3260678207	Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.	Operational
3260678208	Active Directory Certificate Services cannot publish enrollment access changes …	Operational
3260678209	Active Directory Certificate Services could not publish a Base CRL for key …	Operational
3260678210	Active Directory Certificate Services could not publish a Delta CRL for key …	Operational
3260678211	Active Directory Certificate Services made {NumberOfAttempts} attempts to …	Operational
3260678218	Active Directory Certificate Services could not publish a Base CRL for key …	Operational
3260678219	Active Directory Certificate Services could not publish a Delta CRL for key …	Operational
3260678222	The '.	Operational
3260678225	Active Directory Certificate Services key archival is only supported on Advanced …	Operational
3260678226	Active Directory Certificate Services could only verify {NumberOfValidKRACerts} …	Operational
3260678227	Active Directory Certificate Services encountered an error loading key recovery …	Operational
3260678228	Active Directory Certificate Services will not use key recovery certificate …	Operational
3260678229	Active Directory Certificate Services ignored key recovery certificate …	Operational
3260678231	Active Directory Certificate Services could not use the default provider for …	Operational
3260678234	{ExceptionLocation}: Active Directory Certificate Services detected an exception …	Operational
3260678235	Could not connect to the Active Directory.	Operational
3260678236	Active Directory Certificate Services could not update security permissions.	Operational
3260678239	Security permissions are corrupted or missing.	Operational
3260678240	Active Directory Certificate Services could not create an encryption …	Operational
3260678242	Active Directory Certificate Services encountered errors validating configured …	Operational
3260678243	Active Directory Certificate Services could not create cross certificate …	Operational
3260678244	Active Directory Certificate Services did not start: Could not load or verify …	Operational
3260678246	Active Directory Certificate Services could not create cross certificate …	Operational
3260678250	Active Directory Certificate Services cannot add certificate {CACertIdentifier} …	Operational
3260678251	Active Directory Certificate Services cannot delete invalid certificate …	Operational
3260678255	Active Directory Certificate Services upgrade failed because the upgrade path …	Operational
3260678256	Active Directory Certificate Services upgrade failed because information …	Operational
3260678269	Active Directory Certificate Services upgrade failed.	Operational
3260678270	Current information about advanced features supported by this Certification …	Operational
3260678274	Active Directory Certificate Services could not create a certificate revocation …	Operational
3260678276	The certification authority (CA) was unable to perform a decryption operation.	Operational
3260678277	The certification authority (CA) failed to encode a server extension required to …	Operational

Event ID 5 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 5 — Active Directory Certificate Services could not find required registry information.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not find required registry information.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 6 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 6 — Active Directory Certificate Services issued a certificate for request %1 for %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services issued a certificate for request %1 for %2.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 7 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—

Event ID 7 — Active Directory Certificate Services denied request %1 because %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services denied request %1 because %2.  The request was for %3.

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—

Event ID 8 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 8 — Active Directory Certificate Services left request %1 pending in the queue for %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services left request %1 pending in the queue for %2.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 9 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 9 — The Active Directory Certificate Services did not start: Unable to load an external policy module.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Event ID 10 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 10 — Active Directory Certificate Services were unable to build a new certificate or certificate chain.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services were unable to build a new certificate or certificate chain: %1.

Fields

Name	Description
`ErrorCode`	—

Event ID 15 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 15 — Active Directory Certificate Services did not start: Version does not match certif.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Version does not match certif.dll.

Event ID 16 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 16 — Active Directory Certificate Services did not start: Unable to initialize OLE.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Unable to initialize OLE: %1.

Fields

Name	Description
`ErrorCode`	—

Event ID 17 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 17 — Active Directory Certificate Services did not start: Unable to initialize the database connection for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Unable to initialize the database connection for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 19 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 19 — Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\SubjectTemplate is invalid.  An example of a valid string is: CommonName OrganizationalUnit Organization Locality State Country

Fields

Name	Description
`CACommonName`	—

Event ID 20 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 20 — Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\Cu...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\ValidityPeriod is invalid.  Valid strings are "Seconds", "Minutes", "Hours", "Days", "Weeks", "Months" and "Years".

Fields

Name	Description
`CACommonName`	—

Event ID 21 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—

Event ID 21 — Active Directory Certificate Services could not process request %1 due to an error: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—

Event ID 22 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 22 — Active Directory Certificate Services could not process request %1 due to an error: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.  Additional information: %4

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 23 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`Field`	—

Event ID 23 — Active Directory Certificate Services could not process request %1 due to an error: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.  The certificate would contain an encoded length that is potentially incompatible with older enrollment software.  Submit a new request using different length input data for the following field: %4

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`Field`	—

Event ID 25 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 25 — Active Directory Certificate Services revoked the certificate for request %1 for %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services revoked the certificate for request %1 for %2.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 26 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`DCSpecifier`	—
`DCName`	—

Event ID 26 — Active Directory Certificate Services for %1 was started.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services for %1 was started.%2%3

Fields

Name	Description
`CACommonName`	—
`DCSpecifier`	—
`DCName`	—

Event ID 27 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestFileName`	—

Event ID 27 — Active Directory Certificate Services did not start: Hierarchical setup is incomplete.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Hierarchical setup is incomplete.  Use the request file in %1.req to obtain a certificate for this Certificate Server, and use the Certification Authority administration tool to install the new certificate and complete the installation.

Fields

Name	Description
`RequestFileName`	—

Event ID 33 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 33 — Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 34 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 34 — Active Directory Certificate Services did not start: Could not initialize RPC for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not initialize RPC for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 35 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 35 — Active Directory Certificate Services did not start: Could not initialize OLE for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not initialize OLE for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 38 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 38 — Active Directory Certificate Services for %1 was stopped.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services for %1 was stopped.

Fields

Name	Description
`CACommonName`	—

Event ID 39 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 39 — Active Directory Certificate Services did not start: The Certification Authority DCOM class for %1 could not be registered.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The Certification Authority DCOM class for %1 could not be registered.  %2.  Use the services administration tool to change the Certification Authority logon context.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 40 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 40 — Active Directory Certificate Services did not start: Could not initialize DCOM class factories for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 42 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 42 — Could not build a certificate chain for CA certificate %3 for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Could not build a certificate chain for CA certificate %3 for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 43 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ExceptionCode`	—
`ExceptionAddress`	—

Event ID 43 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Policy Module "%2" method caused an exception at address %4.  The exception code is %3.

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ExceptionCode`	—
`ExceptionAddress`	—

Event ID 44 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ErrorCode`	—
`param4`	—
`ErrorString`	—

Event ID 44 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Policy Module "%2" method returned an error. %5 The returned status code is %3.  %4

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ErrorCode`	—
`param4`	—
`ErrorString`	—

Event ID 45 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ExceptionCode`	—
`ExceptionAddress`	—

Event ID 45 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Exit Module "%2" method caused an exception at address %4.  The exception code is %3.

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ExceptionCode`	—
`ExceptionAddress`	—

Event ID 46 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ErrorCode`	—
`param4`	—
`ErrorString`	—

Event ID 46 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Exit Module "%2" method returned an error. %5 The returned status code is %3.  %4

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ErrorCode`	—
`param4`	—
`ErrorString`	—

Event ID 48 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 48 — Revocation status for a certificate in the chain for CA certificate %3 for %1 could not be verified because a server is currently unavailable.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Revocation status for a certificate in the chain for CA certificate %3 for %1 could not be verified because a server is currently unavailable.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 49 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 49 — A certificate in the chain for CA certificate %3 for %1 could not be verified because no information is available describing how to check the revoc...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A certificate in the chain for CA certificate %3 for %1 could not be verified because no information is available describing how to check the revocation status.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 51 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 51 — A certificate in the chain for CA certificate %3 for %1 has been revoked.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A certificate in the chain for CA certificate %3 for %1 has been revoked.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 52 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 52 — Active Directory Certificate Services issued a certificate for request %1 for %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services issued a certificate for request %1 for %2.  Additional information: %3

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 53 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—
`AdditionalInformation`	—

Sigma Rules

Active Directory Certificate Services Denied Certificate Enrollment Request
Detects denied requests by Active Directory Certificate Services. Example of these requests denial include issues with permissions on the certificate template or invalid signatures.

Event ID 53 — Active Directory Certificate Services denied request %1 because %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services denied request %1 because %2.  The request was for %3.  Additional information: %4

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—
`AdditionalInformation`	—

Sigma Rules

Active Directory Certificate Services Denied Certificate Enrollment Request
Detects denied requests by Active Directory Certificate Services. Example of these requests denial include issues with permissions on the certificate template or invalid signatures.

Event ID 54 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 54 — Active Directory Certificate Services left request %1 pending in the queue for %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services left request %1 pending in the queue for %2.  Additional information: %3

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 56 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 56 — Active Directory Certificate Services denied request %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services denied request %1.  The request was for %2.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 57 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 57 — Active Directory Certificate Services denied request %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services denied request %1.  The request was for %2.  Additional information: %3

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 58 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 58 — A certificate in the chain for CA certificate %3 for %1 has expired.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A certificate in the chain for CA certificate %3 for %1 has expired.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 59 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 59 — Active Directory Certificate Services did not start: Could not connect to the Active Directory for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not connect to the Active Directory for %1.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 60 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`SubjectName`	—

Event ID 60 — Active Directory Certificate Services refused to process an extremely long request from %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services refused to process an extremely long request from %1. This may indicate a denial-of-service attack. If the request was rejected in error, modify the MaxIncomingMessageSize registry parameter via 
certutil -setreg CA\MaxIncomingMessageSize <bytes>.

Unless verbose logging is enabled, this error will not be logged again for 20 minutes.

Fields

Name	Description
`SubjectName`	—

Event ID 62 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 62 — Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Event ID 63 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 63 — Active Directory Certificate Services did not start: %1 %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: %1 %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 64 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 64 — Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Event ID 65 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 65 — Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location: %2.  %3.%5%6

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 66 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 66 — Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location: %2.  %3.%5%6

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 67 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`NumberOfAttempts`	—

Event ID 67 — Active Directory Certificate Services made %1 attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services made %1 attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Fields

Name	Description
`NumberOfAttempts`	—

Event ID 68 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 68 — Active Directory Certificate Services successfully published Base CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Base CRL(s).

Event ID 69 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 69 — Active Directory Certificate Services successfully published Delta CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Delta CRL(s).

Event ID 70 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 70 — Active Directory Certificate Services successfully published Base and Delta CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Event ID 71 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`HostName`	—

Event ID 71 — Active Directory Certificate Services successfully published Base CRL(s) to server %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Base CRL(s) to server %1.

Fields

Name	Description
`HostName`	—

Event ID 72 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`HostName`	—

Event ID 72 — Active Directory Certificate Services successfully published Delta CRL(s) to server %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Delta CRL(s) to server %1.

Fields

Name	Description
`HostName`	—

Event ID 73 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`HostName`	—

Event ID 73 — Active Directory Certificate Services successfully published Base and Delta CRL(s) to server %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server %1.

Fields

Name	Description
`HostName`	—

Event ID 74 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 74 — Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location on server %4: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location on server %4: %2.  %3.%5%6

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 75 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 75 — Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location on server %4: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location on server %4: %2.  %3.%5%6

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 76 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`PolicyModuleDescription`	—
`InformationMessage`	—

Event ID 76 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Policy Module logged the following information: %2

Fields

Name	Description
`PolicyModuleDescription`	—
`InformationMessage`	—

Event ID 77 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`PolicyModuleDescription`	—
`WarningMessage`	—

Event ID 77 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Policy Module logged the following warning: %2

Fields

Name	Description
`PolicyModuleDescription`	—
`WarningMessage`	—

Event ID 78 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`PolicyModuleDescription`	—
`ErrorMessage`	—

Event ID 78 — The ".

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The "%1" Policy Module logged the following error: %2

Fields

Name	Description
`PolicyModuleDescription`	—
`ErrorMessage`	—

Event ID 79 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 79 — Active Directory Certificate Services could not publish a Certificate for request %1 to the following location: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Certificate for request %1 to the following location: %2.  %3.%5%6

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 80 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 80 — Active Directory Certificate Services could not publish a Certificate for request %1 to the following location on server %4: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not publish a Certificate for request %1 to the following location on server %4: %2.  %3.%5%6

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 81 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 81 — Active Directory Certificate Services key archival is only supported on Advanced Server.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services key archival is only supported on Advanced Server.  %1

Fields

Name	Description
`ErrorCode`	—

Event ID 82 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`NumberOfValidKRACerts`	—
`RequiredNumberOfValidKRACerts`	—

Event ID 82 — Active Directory Certificate Services could only verify %1 of %2 key recovery certificates required to enable private key archival.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could only verify %1 of %2 key recovery certificates required to enable private key archival.  Requests to archive private keys will not be accepted.

Fields

Name	Description
`NumberOfValidKRACerts`	—
`RequiredNumberOfValidKRACerts`	—

Event ID 83 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 83 — Active Directory Certificate Services encountered an error loading key recovery certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services encountered an error loading key recovery certificates.  Requests to archive private keys will not be accepted.  %1

Fields

Name	Description
`ErrorCode`	—

Event ID 84 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 84 — Active Directory Certificate Services will not use key recovery certificate %1 because it could not be verified for use as a Key Recovery Agent.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services will not use key recovery certificate %1 because it could not be verified for use as a Key Recovery Agent.  %2  %3

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 85 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 85 — Active Directory Certificate Services ignored key recovery certificate %1 because it could not be loaded.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services ignored key recovery certificate %1 because it could not be loaded.  %2  %3

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 86 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 86 — Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.  %1

Fields

Name	Description
`ErrorCode`	—

Event ID 87 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 87 — Active Directory Certificate Services could not use the default provider for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not use the default provider for encryption keys.  %1

Fields

Name	Description
`ErrorCode`	—

Event ID 88 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`DefaultProviderName`	—

Event ID 88 — Active Directory Certificate Services switched to the default provider for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services switched to the default provider for encryption keys. %1

Fields

Name	Description
`DefaultProviderName`	—

Event ID 90 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ExceptionLocation`	—
`ExceptionAddress`	—
`ExceptionFlags`	—
`ErrorCode`	—

Event ID 90 — %1: Active Directory Certificate Services detected an exception at address %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

%1: Active Directory Certificate Services detected an exception at address %2.  Flags = %3.  The exception is %4.

Fields

Name	Description
`ExceptionLocation`	—
`ExceptionAddress`	—
`ExceptionFlags`	—
`ErrorCode`	—

Event ID 91 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 91 — Could not connect to the Active Directory.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Could not connect to the Active Directory.  Active Directory Certificate Services will retry when processing requires Active Directory access.

Event ID 92 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 92 — Active Directory Certificate Services could not update security permissions.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not update security permissions. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 93 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—

Event ID 93 — The certificate (#%1) of Active Directory Certificate Services %2 does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Se...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The certificate (#%1) of Active Directory Certificate Services %2 does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.  The directory replication may not be completed.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—

Event ID 94 — Active Directory Certificate Services %1 can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Acti...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services %1 can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.

Fields

Name	Description
`CACommonName`	—

Event ID 94 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 95 — Security permissions are corrupted or missing.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Security permissions are corrupted or missing.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 95 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 96 — Active Directory Certificate Services could not create an encryption certificate.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not create an encryption certificate.  %1.  %2.

Fields

Name	Description
`Disposition`	—
`ErrorCode`	—

Event ID 96 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`Disposition`	—
`ErrorCode`	—

Event ID 97 — Active Directory Certificate Services %1 will reduce the maximum lifetime of the issued certificate for request %2 because the CA certificate lifet...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services %1 will reduce the maximum lifetime of the issued certificate for request %2 because the CA certificate lifetime is shorter than the registry validity period.  Consider renewing the CA certificate or reducing the registry validity period.

Fields

Name	Description
`CACommonName`	—
`RequestId`	—

Event ID 97 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`RequestId`	—

Event ID 98 — Active Directory Certificate Services encountered errors validating configured key recovery certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services encountered errors validating configured key recovery certificates.  Requests to archive private keys will no longer be accepted.

Event ID 98 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 99 — Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.  %2.  %3.

Fields

Name	Description
`Version`	—
`Disposition`	—
`ErrorCode`	—

Event ID 99 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`Version`	—
`Disposition`	—
`ErrorCode`	—

Event ID 100 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 100 — Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.  %1 %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 101 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`Version`	—

Event ID 101 — Active Directory Certificate Services created CA cross certificate %2 for %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services created CA cross certificate %2 for %1.

Fields

Name	Description
`CACommonName`	—
`Version`	—

Event ID 102 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`Version`	—
`ExtensionOid`	—
`Disposition`	—
`ErrorCode`	—

Event ID 102 — Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.  The %2 extension is inconsistent.  %3.  %4.

Fields

Name	Description
`Version`	—
`ExtensionOid`	—
`Disposition`	—
`ErrorCode`	—

Event ID 103 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`LDAPPath`	—

Event ID 103 — Active Directory Certificate Services added the root certificate of certificate chain %1 to the downloaded Trusted Root Certification Authorities E...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services added the root certificate of certificate chain %1 to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory, run the following command: certutil -viewstore "%2" (you must include the quotation marks when you run this command). If the root CA certificate is not present, use the Certificates console on the root CA computer to export the certificate to a file, and then run the following command to publish it to Active Directory: Certutil -dspublish %certificatefilename% Root.

Fields

Name	Description
`CACertIdentifier`	—
`LDAPPath`	—

Event ID 104 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 104 — Active Directory Certificate Services published certificate %1 to %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services published certificate %1 to %2.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 105 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 105 — Active Directory Certificate Services deleted invalid certificate %1 from %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services deleted invalid certificate %1 from %2.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 106 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 106 — Active Directory Certificate Services cannot add certificate %1 to %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services cannot add certificate %1 to %2.  %3.  %4.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 107 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 107 — Active Directory Certificate Services cannot delete invalid certificate %1 from %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services cannot delete invalid certificate %1 from %2.  %3.  %4.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 108 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 108 — Active Directory Certificate Services could not delete a Certificate for request %1 from the following location: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not delete a Certificate for request %1 from the following location: %2.  %3.%5%6

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param4`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 109 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 109 — Active Directory Certificate Services could not delete a Certificate for request %1 from the following location on server %4: %2.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not delete a Certificate for request %1 from the following location on server %4: %2.  %3.%5%6

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`HostName`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 110 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 110 — Active Directory Certificate Services could not initialize the performance counters.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not initialize the performance counters.

Event ID 111 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 111 — Active Directory Certificate Services upgrade failed because the upgrade path could not be determined.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 112 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 112 — Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 113 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 113 — A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissi...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 114 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 114 — A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 115 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 115 — A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 116 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 116 — A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 117 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 117 — A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 118 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 118 — A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 121 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 121 — A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 122 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 122 — A portion of the Active Directory Certificate Services upgrade failed: Could not update service description.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 123 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 123 — A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 124 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 124 — Active Directory Certificate Services upgrade succeeded.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Event ID 125 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 125 — Active Directory Certificate Services upgrade failed.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 126 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 126 — Current information about advanced features supported by this Certification Authority is not available from the domain controller.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Current information about advanced features supported by this Certification Authority is not available from the domain controller. Stop and restart Certificate Services in order to update this information. %1

Fields

Name	Description
`ErrorCode`	—

Event ID 127 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 127 — Key recovery certificate %1 is about to expire soon and will not be used upon expiration.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Key recovery certificate %1 is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate.  %2  %3

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 128 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`RequestId`	—

Event ID 128 — An Authority Key Identifier was passed as part of the certificate request %1.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

An Authority Key Identifier was passed as part of the certificate request %1. This feature has not been enabled. To enable specifying a CA key for certificate signing, run: "certutil -setreg ca\UseDefinedCACertInRequest 1" and then restart the service.

Fields

Name	Description
`RequestId`	—

Event ID 129 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 129 — An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting. To resolve, run: "certutil -getreg ca\EnabledEKUForDefinedCACert" to identify the invalid OID and correct it. The default OID ("1.3.6.1.5.5.7.3.9") will be used.

Event ID 130 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorMessageText`	—

Event ID 130 — Active Directory Certificate Services could not create a certificate revocation list.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not create a certificate revocation list. %1.  This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: "certutil -CRL". If the problem persists, restart Certificate Services.

Fields

Name	Description
`ErrorMessageText`	—

Event ID 131 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 131 — An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting. To resolve, run: "certutil -getreg ca\EKUOIDsForPublishExpiredCertInCRL" to identify the invalid OID and correct it. The default OIDs ("1.3.6.1.5.5.7.3.3" and "1.3.6.1.4.1.311.61.1.1") will be used.

Event ID 132 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 132 — The certification authority (CA) was unable to perform a decryption operation.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The certification authority (CA) was unable to perform a decryption operation.  This error can occur when an advanced encryption algorithm such as Advanced Encryption Standard (AES) is used and the CA has not been configured to use a CryptoAPI Next Generation (CNG) key storage provider. If this error occurred during certificate enrollment, check the certificate template to ensure that advanced encryption for key archival is not enabled.

Event ID 133 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 133 — The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL). The CA will not issue any certificates or CRLs that do not contain this extension. To correct this problem, use the Certification Authority snap-in to remove any Unicode characters in the URLs for the AIA, CDP, and IDP extensions, then restart the CA.

Event ID 134 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 134 — A certificate in the chain for CA certificate %3 for %1 has expired.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

A certificate in the chain for CA certificate %3 for %1 has expired.  %2.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—
`CACertIdentifier`	—

Event ID 135 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ProvType`	—
`KeyLength`	—
`AlgorithmName`	—

Event ID 135 — Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

Additional information:
Provider Type: %1
Key Length: %2
Key Algorithm: %3

Fields

Name	Description
`ProvType`	—
`KeyLength`	—
`AlgorithmName`	—

Event ID 136 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—
`ProvType`	—
`KeyLength`	—
`AlgorithmName`	—

Event ID 136 — Active Directory Certificate Services could not create dummy key pair required for pre-signing.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services could not create dummy key pair required for pre-signing. This will cause requests for pre-signing to fail.

Additional information:
Error: %1
Provider Type: %2
Key Length: %3
Key Algorithm: %4

Fields

Name	Description
`ErrorCode`	—
`ProvType`	—
`KeyLength`	—
`AlgorithmName`	—

Event ID 138 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`ErrorCode`	—

Event ID 138 — Active Directory Certificate Services did not start: Unable to initialize OLE Security.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: Unable to initialize OLE Security: %1.

Fields

Name	Description
`ErrorCode`	—

Event ID 139 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 139 — Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLMaxPartitions is either not configured or set to an invalid value.

Fields

Name	Description
`CACommonName`	—

Event ID 140 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 140 — Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLMaxPartitions should be greater than or equal to the value configured at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLSuspendedPartitions.

Fields

Name	Description
`CACommonName`	—

Event ID 141 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 141 — Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

Fields

Name	Description
`CACommonName`	—

Event ID 142 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 142 — Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL par...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL partitioning feature is enabled.

Fields

Name	Description
`CACommonName`	—

Event ID 143 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 143 — Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP e...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP extension in the issued CRLs.

Fields

Name	Description
`CACommonName`	—

Event ID 144 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Event ID 144 — Active Directory Certificate Services did not start: The current configuration of the CA does not allow for the support of the CRL partitioning fea...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The current configuration of the CA does not allow for the support of the CRL partitioning feature. To resolve the issue, revert the configuration changes associated with CRL partitioning.

Event ID 145 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`SKIRequested`	—
`SKIGenerated`	—

Event ID 145 — The Subject Key Identifier (SKI) computed by the certification authority (CA) differs from the value provided in the request.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

The Subject Key Identifier (SKI) computed by the certification authority (CA) differs from the value provided in the request. For security reasons, the CA will ignore the SKI value specified in the request.

Additional information:
SKI specified in the request: %1
SKI computed by CA: %2

Fields

Name	Description
`SKIRequested`	—
`SKIGenerated`	—

Event ID 146 —

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Fields

Name	Description
`CACommonName`	—

Event ID 146 — Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Application

Message

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLFlags is set to an invalid value. The bits 0x01000000 and 0x02000000 are mutually exclusive.

Fields

Name	Description
`CACommonName`	—

Event ID 1113194502 — Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 1113194504 — Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 1113194521 — Active Directory Certificate Services revoked the certificate for request {RequestId} for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services revoked the certificate for request {RequestId} for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 1113194522 — Active Directory Certificate Services for {CACommonName} was started.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services for {CACommonName} was started.{DCSpecifier}{DCName}

Fields

Name	Description
`CACommonName`	—
`DCSpecifier`	—
`DCName`	—

Event ID 1113194525 — Active Directory Certificate Services issued a new Certificate Revocation List for {param1}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services issued a new Certificate Revocation List for {param1}.

Fields

Name	Description
`param1`	—

Event ID 1113194534 — Active Directory Certificate Services for {CACommonName} was stopped.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services for {CACommonName} was stopped.

Fields

Name	Description
`CACommonName`	—

Event ID 1113194548 — Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.  Additional information: {AdditionalInformation}

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 1113194550 — Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.  Additional information: {AdditionalInformation}

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 1113194551 — Active Directory Certificate Services unrevoked the certificate for request {RequestId} for {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services unrevoked the certificate for request {RequestId} for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 1113194552 — Active Directory Certificate Services denied request {RequestId}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services denied request {RequestId}.  The request was for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`SubjectName`	—

Event ID 1113194553 — Active Directory Certificate Services denied request {RequestId}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services denied request {RequestId}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields

Name	Description
`RequestId`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 1113194564 — Active Directory Certificate Services successfully published Base CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Base CRL(s).

Event ID 1113194565 — Active Directory Certificate Services successfully published Delta CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Delta CRL(s).

Event ID 1113194566 — Active Directory Certificate Services successfully published Base and Delta CRL(s).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Event ID 1113194567 — Active Directory Certificate Services successfully published Base CRL(s) to server {HostName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Base CRL(s) to server {HostName}.

Fields

Name	Description
`HostName`	—

Event ID 1113194568 — Active Directory Certificate Services successfully published Delta CRL(s) to server {HostName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Delta CRL(s) to server {HostName}.

Fields

Name	Description
`HostName`	—

Event ID 1113194569 — Active Directory Certificate Services successfully published Base and Delta CRL(s) to server {HostName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server {HostName}.

Fields

Name	Description
`HostName`	—

Event ID 1113194572 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{PolicyModuleDescription}' Policy Module logged the following information: {InformationMessage}

Fields

Name	Description
`PolicyModuleDescription`	—
`InformationMessage`	—

Event ID 1113194597 — Active Directory Certificate Services created CA cross certificate {Version} for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services created CA cross certificate {Version} for {CACommonName}.

Fields

Name	Description
`Version`	—
`CACommonName`	—

Event ID 1113194620 — Active Directory Certificate Services upgrade succeeded.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Event ID 2186805251 — Request failed.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Request failed.

Event ID 2186936327 — Active Directory Certificate Services denied request {RequestId} because {Reason}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services denied request {RequestId} because {Reason}.  The request was for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—

Event ID 2186936368 — Revocation status for a certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because a server is...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Revocation status for a certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because a server is currently unavailable.  {ErrorCode}.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—
`ErrorCode`	—

Event ID 2186936369 — A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because no information is available descr...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because no information is available describing how to check the revocation status.  {ErrorCode}.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—
`ErrorCode`	—

Event ID 2186936373 — Active Directory Certificate Services denied request {RequestId} because {Reason}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services denied request {RequestId} because {Reason}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields

Name	Description
`RequestId`	—
`Reason`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 2186936382 — Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Event ID 2186936397 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{PolicyModuleDescription}' Policy Module logged the following warning: {WarningMessage}

Fields

Name	Description
`PolicyModuleDescription`	—
`WarningMessage`	—

Event ID 2186936399 — Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location: {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 2186936400 — Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location on server {HostName}: {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location on server {HostName}: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`RequestId`	—
`HostName`	—
`DN`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 2186936406 — Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.  {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936408 — Active Directory Certificate Services switched to the default provider for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services switched to the default provider for encryption keys. {DefaultProviderName}

Fields

Name	Description
`DefaultProviderName`	—

Event ID 2186936413 — The certificate (#{CACertIdentifier}) of Active Directory Certificate Services {CACommonName} does not exist in the certificate store at CN=NTAuthC...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The certificate (#{CACertIdentifier}) of Active Directory Certificate Services {CACommonName} does not exist in the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services in the Active Directory's configuration container.  The directory replication may not be completed.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—

Event ID 2186936414 — Active Directory Certificate Services {CACommonName} can not open the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services {CACommonName} can not open the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services in the Active Directory's configuration container.

Fields

Name	Description
`CACommonName`	—

Event ID 2186936417 — Active Directory Certificate Services {CACommonName} will reduce the maximum lifetime of the issued certificate for request {RequestId} because the...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services {CACommonName} will reduce the maximum lifetime of the issued certificate for request {RequestId} because the CA certificate lifetime is shorter than the registry validity period.  Consider renewing the CA certificate or reducing the registry validity period.

Fields

Name	Description
`CACommonName`	—
`RequestId`	—

Event ID 2186936423 — Active Directory Certificate Services added the root certificate of certificate chain {CACertIdentifier} to the downloaded Trusted Root Certificati...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services added the root certificate of certificate chain {CACertIdentifier} to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory; run the following command: certutil -viewstore '{LDAPPath}' (you must include the quotation marks when you run this command). If the root CA certificate is not present; use the Certificates console on the root CA computer to export the certificate to a file; and then run the following command to publish it to Active Directory: Certutil -dspublish %certificatefilename% Root.

Fields

Name	Description
`CACertIdentifier`	—
`LDAPPath`	—

Event ID 2186936424 — Active Directory Certificate Services published certificate {CACertIdentifier} to {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services published certificate {CACertIdentifier} to {DN}.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 2186936425 — Active Directory Certificate Services deleted invalid certificate {CACertIdentifier} from {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services deleted invalid certificate {CACertIdentifier} from {DN}.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—

Event ID 2186936428 — Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location: {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`RequestId`	—
`DN`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 2186936429 — Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location on server {HostName}: {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location on server {HostName}: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`RequestId`	—
`HostName`	—
`DN`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 2186936430 — Active Directory Certificate Services could not initialize the performance counters.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not initialize the performance counters.

Event ID 2186936433 — A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissi...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936434 — A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936435 — A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936436 — A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936437 — A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936438 — A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936439 — A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv request.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv request. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936440 — A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv admin.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv admin. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936441 — A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936442 — A portion of the Active Directory Certificate Services upgrade failed: Could not update service description.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936443 — A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 2186936447 — Key recovery certificate {KRACertIndex} is about to expire soon and will not be used upon expiration.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Key recovery certificate {KRACertIndex} is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate.  {KRACertSubjectName}  {ErrorCode}

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 2186936448 — An Authority Key Identifier was passed as part of the certificate request {RequestId}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

An Authority Key Identifier was passed as part of the certificate request {RequestId}. This feature has not been enabled. To enable specifying a CA key for certificate signing; run: 'certutil -setreg ca\UseDefinedCACertInRequest 1' and then restart the service.

Fields

Name	Description
`RequestId`	—

Event ID 2186936449 — An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting. To resolve; run: 'certutil -getreg ca\EnabledEKUForDefinedCACert' to identify the invalid OID and correct it. The default OID ('1.3.6.1.5.5.7.3.9') will be used.

Event ID 2186936451 — An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting. To resolve; run: 'certutil -getreg ca\EKUOIDsForPublishExpiredCertInCRL' to identify the invalid OID and correct it. The default OIDs ('1.3.6.1.5.5.7.3.3' and '1.3.6.1.4.1.311.61.1.1') will be used.

Event ID 3260678149 — Active Directory Certificate Services could not find required registry information.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not find required registry information.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 3260678153 — The Active Directory Certificate Services did not start: Unable to load an external policy module.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Event ID 3260678154 — Active Directory Certificate Services were unable to build a new certificate or certificate chain: {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services were unable to build a new certificate or certificate chain: {ErrorCode}.

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678159 — Active Directory Certificate Services did not start: Version does not match certif.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Version does not match certif.dll.

Event ID 3260678160 — Active Directory Certificate Services did not start: Unable to initialize OLE: {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Unable to initialize OLE: {ErrorCode}.

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678161 — Active Directory Certificate Services did not start: Unable to initialize the database connection for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Unable to initialize the database connection for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678163 — Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\SubjectTemplate is invalid.  An example of a valid string is: CommonName OrganizationalUnit Organization Locality State Country

Fields

Name	Description
`CACommonName`	—

Event ID 3260678164 — Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\Cu...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\ValidityPeriod is invalid.  Valid strings are 'Seconds'; 'Minutes'; 'Hours'; 'Days'; 'Weeks'; 'Months' and 'Years'.

Fields

Name	Description
`CACommonName`	—

Event ID 3260678165 — Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—

Event ID 3260678166 — Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`AdditionalInformation`	—

Event ID 3260678167 — Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.  The certificate would contain an encoded length that is potentially incompatible with older enrollment software.  Submit a new request using different length input data for the following field: {Field}

Fields

Name	Description
`RequestId`	—
`ErrorCode`	—
`SubjectName`	—
`Field`	—

Event ID 3260678171 — Active Directory Certificate Services did not start: Hierarchical setup is incomplete.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Hierarchical setup is incomplete.  Use the request file in {RequestFileName}.req to obtain a certificate for this Certificate Server; and use the Certification Authority administration tool to install the new certificate and complete the installation.

Fields

Name	Description
`RequestFileName`	—

Event ID 3260678172 — Active Directory Certificate Services did not start: The Certificate Revocation List Period string is invalid in the registry value HKEY_LOCAL_MACH...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: The Certificate Revocation List Period string is invalid in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\CRLPeriod.  Valid strings are 'Seconds'; 'Minutes'; 'Hours'; 'Days'; 'Weeks'; 'Months' and 'Years'.

Fields

Name	Description
`CACommonName`	—

Event ID 3260678177 — Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678178 — Active Directory Certificate Services did not start: Could not initialize RPC for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not initialize RPC for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678179 — Active Directory Certificate Services did not start: Could not initialize OLE for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not initialize OLE for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678183 — Active Directory Certificate Services did not start: The Certification Authority DCOM class for {CACommonName} could not be registered.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: The Certification Authority DCOM class for {CACommonName} could not be registered.  {ErrorCode}.  Use the services administration tool to change the Certification Authority logon context.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678184 — Active Directory Certificate Services did not start: Could not initialize DCOM class factories for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678185 — Active Directory Certificate Services did not start: Could not initialize DCOM Security Context for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not initialize DCOM Security Context for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678186 — Could not build a certificate chain for CA certificate {CACertIdentifier} for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Could not build a certificate chain for CA certificate {CACertIdentifier} for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678187 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method caused an exception at address {ExceptionAddress}.  The exception code is {ExceptionCode}.

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ExceptionAddress`	—
`ExceptionCode`	—

Event ID 3260678188 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}.  {param4}

Fields

Name	Description
`PolicyModuleDescription`	—
`MethodName`	—
`ErrorString`	—
`ErrorCode`	—
`param4`	—

Event ID 3260678189 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{ExitModuleDescription}' Exit Module '{MethodName}' method caused an exception at address {ExceptionAddress}.  The exception code is {ExceptionCode}.

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ExceptionAddress`	—
`ExceptionCode`	—

Event ID 3260678190 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{ExitModuleDescription}' Exit Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}.  {param4}

Fields

Name	Description
`ExitModuleDescription`	—
`MethodName`	—
`ErrorString`	—
`ErrorCode`	—
`param4`	—

Event ID 3260678195 — A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has been revoked.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has been revoked.  {ErrorCode}.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678202 — A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has expired.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has expired.  {ErrorCode}.

Fields

Name	Description
`CACertIdentifier`	—
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678203 — Active Directory Certificate Services did not start: Could not connect to the Active Directory for {CACommonName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not connect to the Active Directory for {CACommonName}.  {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678204 — Active Directory Certificate Services refused to process an extremely long request from {SubjectName}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services refused to process an extremely long request from {SubjectName}. This may indicate a denial-of-service attack. If the request was rejected in error; modify the MaxIncomingMessageSize registry parameter via certutil -setreg CA\MaxIncomingMessageSize <bytes>.Unless verbose logging is enabled; this error will not be logged again for 20 minutes.

Fields

Name	Description
`SubjectName`	—

Event ID 3260678207 — Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678208 — Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Event ID 3260678209 — Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location: {URL}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 3260678210 — Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location: {URL}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`CAKeyIdentifier`	—
`URL`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 3260678211 — Active Directory Certificate Services made {NumberOfAttempts} attempts to publish a CRL and will stop publishing attempts until the next CRL is gen...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services made {NumberOfAttempts} attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Fields

Name	Description
`NumberOfAttempts`	—

Event ID 3260678218 — Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`CAKeyIdentifier`	—
`HostName`	—
`URL`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 3260678219 — Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields

Name	Description
`CAKeyIdentifier`	—
`HostName`	—
`URL`	—
`ErrorMessageText`	—
`param5`	—
`AdditionalErrorMessage`	—

Event ID 3260678222 — The '.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The '{PolicyModuleDescription}' Policy Module logged the following error: {ErrorMessage}

Fields

Name	Description
`PolicyModuleDescription`	—
`ErrorMessage`	—

Event ID 3260678225 — Active Directory Certificate Services key archival is only supported on Advanced Server.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services key archival is only supported on Advanced Server.  {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678226 — Active Directory Certificate Services could only verify {NumberOfValidKRACerts} of {RequiredNumberOfValidKRACerts} key recovery certificates requir...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could only verify {NumberOfValidKRACerts} of {RequiredNumberOfValidKRACerts} key recovery certificates required to enable private key archival.  Requests to archive private keys will not be accepted.

Fields

Name	Description
`NumberOfValidKRACerts`	—
`RequiredNumberOfValidKRACerts`	—

Event ID 3260678227 — Active Directory Certificate Services encountered an error loading key recovery certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services encountered an error loading key recovery certificates.  Requests to archive private keys will not be accepted.  {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678228 — Active Directory Certificate Services will not use key recovery certificate {KRACertIndex} because it could not be verified for use as a Key Recove...

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services will not use key recovery certificate {KRACertIndex} because it could not be verified for use as a Key Recovery Agent.  {KRACertSubjectName}  {ErrorCode}

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 3260678229 — Active Directory Certificate Services ignored key recovery certificate {KRACertIndex} because it could not be loaded.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services ignored key recovery certificate {KRACertIndex} because it could not be loaded.  {KRACertSubjectName}  {ErrorCode}

Fields

Name	Description
`KRACertIndex`	—
`KRACertSubjectName`	—
`ErrorCode`	—

Event ID 3260678231 — Active Directory Certificate Services could not use the default provider for encryption keys.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not use the default provider for encryption keys.  {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678234 — {ExceptionLocation}: Active Directory Certificate Services detected an exception at address {ExceptionAddress}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

{ExceptionLocation}: Active Directory Certificate Services detected an exception at address {ExceptionAddress}.  Flags = {ExceptionFlags}.  The exception is {ErrorCode}.

Fields

Name	Description
`ExceptionLocation`	—
`ExceptionAddress`	—
`ExceptionFlags`	—
`ErrorCode`	—

Event ID 3260678235 — Could not connect to the Active Directory.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Could not connect to the Active Directory.  Active Directory Certificate Services will retry when processing requires Active Directory access.

Event ID 3260678236 — Active Directory Certificate Services could not update security permissions.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not update security permissions. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678239 — Security permissions are corrupted or missing.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Security permissions are corrupted or missing.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 3260678240 — Active Directory Certificate Services could not create an encryption certificate.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not create an encryption certificate.  {Disposition}.  {ErrorCode}.

Fields

Name	Description
`Disposition`	—
`ErrorCode`	—

Event ID 3260678242 — Active Directory Certificate Services encountered errors validating configured key recovery certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services encountered errors validating configured key recovery certificates.  Requests to archive private keys will no longer be accepted.

Event ID 3260678243 — Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.  {Disposition}.  {ErrorCode}.

Fields

Name	Description
`Version`	—
`Disposition`	—
`ErrorCode`	—

Event ID 3260678244 — Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.  {CACommonName} {ErrorCode}.

Fields

Name	Description
`CACommonName`	—
`ErrorCode`	—

Event ID 3260678246 — Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.  The {ExtensionOid} extension is inconsistent.  {Disposition}.  {ErrorCode}.

Fields

Name	Description
`Version`	—
`ExtensionOid`	—
`Disposition`	—
`ErrorCode`	—

Event ID 3260678250 — Active Directory Certificate Services cannot add certificate {CACertIdentifier} to {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services cannot add certificate {CACertIdentifier} to {DN}.  {DSErrorMessage}.  {AdditionalErrorMessage}.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 3260678251 — Active Directory Certificate Services cannot delete invalid certificate {CACertIdentifier} from {DN}.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services cannot delete invalid certificate {CACertIdentifier} from {DN}.  {DSErrorMessage}.  {AdditionalErrorMessage}.

Fields

Name	Description
`CACertIdentifier`	—
`DN`	—
`DSErrorMessage`	—
`AdditionalErrorMessage`	—

Event ID 3260678255 — Active Directory Certificate Services upgrade failed because the upgrade path could not be determined.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678256 — Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678269 — Active Directory Certificate Services upgrade failed.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678270 — Current information about advanced features supported by this Certification Authority is not available from the domain controller.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Current information about advanced features supported by this Certification Authority is not available from the domain controller. Stop and restart Certificate Services in order to update this information. {ErrorCode}

Fields

Name	Description
`ErrorCode`	—

Event ID 3260678274 — Active Directory Certificate Services could not create a certificate revocation list.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

Active Directory Certificate Services could not create a certificate revocation list. {ErrorMessageText}.  This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: 'certutil -CRL'. If the problem persists; restart Certificate Services.

Fields

Name	Description
`ErrorMessageText`	—

Event ID 3260678276 — The certification authority (CA) was unable to perform a decryption operation.

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The certification authority (CA) was unable to perform a decryption operation.  This error can occur when an advanced encryption algorithm such as Advanced Encryption Standard (AES) is used and the CA has not been configured to use a CryptoAPI Next Generation (CNG) key storage provider. If this error occurred during certificate enrollment; check the certificate template to ensure that advanced encryption for key archival is not enabled.

Event ID 3260678277 — The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL).

Provider: Microsoft-Windows-CertificationAuthority
Channel: Operational

Message

The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL). The CA will not issue any certificates or CRLs that do not contain this extension. To correct this problem; use the Certification Authority snap-in to remove any Unicode characters in the URLs for the AIA; CDP; and IDP extensions; then restart the CA.