Microsoft-Windows-CertificationAuthority

355 events across 2 channels

EventTitleChannel
5Active Directory Certificate Services could not find required registry …Application
5Active Directory Certificate Services could not find required registry …Operational
6Active Directory Certificate Services issued a certificate for request RequestId …Application
6Active Directory Certificate Services issued a certificate for request RequestId …Operational
7Active Directory Certificate Services denied request RequestId because Reason.Application
7Active Directory Certificate Services denied request RequestId becauseOperational
8Active Directory Certificate Services left request RequestId pending in the …Application
8Active Directory Certificate Services left request RequestId pending in the …Operational
9The Active Directory Certificate Services did not start: Unable to load an …Application
9The Active Directory Certificate Services did not start: Unable to load an …Operational
10Active Directory Certificate Services were unable to build a new certificate or …Application
10Active Directory Certificate Services were unable to build a new certificate or …Operational
15Active Directory Certificate Services did not start: Version does not match …Application
15Active Directory Certificate Services did not start: Version does not match …Operational
16Active Directory Certificate Services did not start: Unable to initialize OLE: …Application
16Active Directory Certificate Services did not start: Unable to initialize OLE:Operational
17Active Directory Certificate Services did not start: Unable to initialize the …Application
17Active Directory Certificate Services did not start: Unable to initialize the …Operational
19Active Directory Certificate Services did not start: The Subject Name Template …Application
19Active Directory Certificate Services did not start: The Subject Name Template …Operational
20Active Directory Certificate Services did not start: The Certificate Date …Application
20Active Directory Certificate Services did not start: The Certificate Date …Operational
21Active Directory Certificate Services could not process request Name due to an …Application
21Active Directory Certificate Services could not process request RequestId due to …Operational
22Active Directory Certificate Services could not process request RequestId due to …Application
22Active Directory Certificate Services could not process request RequestId due to …Operational
23Active Directory Certificate Services could not process request RequestId due to …Application
23Active Directory Certificate Services could not process request RequestId due to …Operational
25Active Directory Certificate Services revoked the certificate for request …Application
25Active Directory Certificate Services revoked the certificate for request …Operational
26Active Directory Certificate Services for Name was started.Application
26Active Directory Certificate Services for CACommonName was startedOperational
27Active Directory Certificate Services did not start: Hierarchical setup is …Application
27Active Directory Certificate Services did not start: Hierarchical setup is …Operational
33Active Directory Certificate Services did not start: Could not create the …Application
33Active Directory Certificate Services did not start: Could not create the …Operational
34Active Directory Certificate Services did not start: Could not initialize RPC …Application
34Active Directory Certificate Services did not start: Could not initialize RPC …Operational
35Active Directory Certificate Services did not start: Could not initialize OLE …Application
35Active Directory Certificate Services did not start: Could not initialize OLE …Operational
38Active Directory Certificate Services for Name was stopped.Application
38Active Directory Certificate Services for CACommonName was stoppedOperational
39Active Directory Certificate Services did not start: The Certification Authority …Application
39Active Directory Certificate Services did not start: The Certification Authority …Operational
40Active Directory Certificate Services did not start: Could not initialize DCOM …Application
40Active Directory Certificate Services did not start: Could not initialize DCOM …Operational
42Could not build a certificate chain for CA certificate CACertIdentifier for …Application
42Could not build a certificate chain for CA certificate CACertIdentifier forOperational
43The "PolicyModuleDescription" Policy Module "MethodName" method caused an …Application
43The "PolicyModuleDescription" Policy Module "MethodName" method caused an …Operational
44The "Name" Policy Module "PolicyModuleDescription" method returned an error.Application
44The "PolicyModuleDescription" Policy Module "MethodName" method returned an …Operational
45The "ExitModuleDescription" Exit Module "MethodName" method caused an exception …Application
45The "ExitModuleDescription" Exit Module "MethodName" method caused an exception …Operational
46The "ExitModuleDescription" Exit Module "MethodName" method returned an error.Application
46The "ExitModuleDescription" Exit Module "MethodName" method returned an errorOperational
48Revocation status for a certificate in the chain for CA certificate …Application
48Revocation status for a certificate in the chain for CA certificate …Operational
49A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Application
49A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Operational
51A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Application
51A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Operational
52Active Directory Certificate Services issued a certificate for request RequestId …Application
52Active Directory Certificate Services issued a certificate for request RequestId …Operational
53Active Directory Certificate Services denied request Name because RequestId.Application
53Active Directory Certificate Services denied request RequestId becauseOperational
54Active Directory Certificate Services left request RequestId pending in the …Application
54Active Directory Certificate Services left request RequestId pending in the …Operational
56Active Directory Certificate Services denied request RequestId.Application
56Active Directory Certificate Services denied requestOperational
57Active Directory Certificate Services denied request RequestId.Application
57Active Directory Certificate Services denied requestOperational
58A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Application
58A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Operational
59Active Directory Certificate Services did not start: Could not connect to the …Application
59Active Directory Certificate Services did not start: Could not connect to the …Operational
60Active Directory Certificate Services refused to process an extremely long …Application
60Active Directory Certificate Services refused to process an extremely long …Operational
62Active Directory Certificate Services had problems loading valid CRL publication …Application
62Active Directory Certificate Services had problems loading valid CRL publication …Operational
63Active Directory Certificate Services did not start: CACommonName ErrorCode.Application
63Active Directory Certificate Services did not start: CACommonNameOperational
64Active Directory Certificate Services cannot publish enrollment access changes …Application
64Active Directory Certificate Services cannot publish enrollment access changes …Operational
65Active Directory Certificate Services could not publish a Base CRL for key Name …Application
65Active Directory Certificate Services could not publish a Base CRL for key …Operational
66Active Directory Certificate Services could not publish a Delta CRL for key …Application
66Active Directory Certificate Services could not publish a Delta CRL for key …Operational
67Active Directory Certificate Services made NumberOfAttempts attempts to publish …Application
67Active Directory Certificate Services made NumberOfAttempts attempts to publish …Operational
68Active Directory Certificate Services successfully published Base CRL(s).Application
68Active Directory Certificate Services successfully published Base CRL(s)Operational
69Active Directory Certificate Services successfully published Delta CRL(s).Application
69Active Directory Certificate Services successfully published Delta CRL(s)Operational
70Active Directory Certificate Services successfully published Base and Delta …Application
70Active Directory Certificate Services successfully published Base and Delta …Operational
71Active Directory Certificate Services successfully published Base CRL(s) to …Application
71Active Directory Certificate Services successfully published Base CRL(s) to …Operational
72Active Directory Certificate Services successfully published Delta CRL(s) to …Application
72Active Directory Certificate Services successfully published Delta CRL(s) to …Operational
73Active Directory Certificate Services successfully published Base and Delta …Application
73Active Directory Certificate Services successfully published Base and Delta …Operational
74Active Directory Certificate Services could not publish a Base CRL for key …Application
74Active Directory Certificate Services could not publish a Base CRL for key …Operational
75Active Directory Certificate Services could not publish a Delta CRL for key …Application
75Active Directory Certificate Services could not publish a Delta CRL for key …Operational
76The "PolicyModuleDescription" Policy Module logged the following information: …Application
76The "PolicyModuleDescription" Policy Module logged the following information:Operational
77The "Name" Policy Module logged the following warning: PolicyModuleDescription.Application
77The "PolicyModuleDescription" Policy Module logged the following warning:Operational
78The "PolicyModuleDescription" Policy Module logged the following error: …Application
78The "PolicyModuleDescription" Policy Module logged the following error:Operational
79Active Directory Certificate Services could not publish a Certificate for …Application
79Active Directory Certificate Services could not publish a Certificate for …Operational
80Active Directory Certificate Services could not publish a Certificate for …Application
80Active Directory Certificate Services could not publish a Certificate for …Operational
81Active Directory Certificate Services key archival is only supported on Advanced …Application
81Active Directory Certificate Services key archival is only supported on Advanced …Operational
82Active Directory Certificate Services could only verify NumberOfValidKRACerts of …Application
82Active Directory Certificate Services could only verify NumberOfValidKRACerts of …Operational
83Active Directory Certificate Services encountered an error loading key recovery …Application
83Active Directory Certificate Services encountered an error loading key recovery …Operational
84Active Directory Certificate Services will not use key recovery certificate …Application
84Active Directory Certificate Services will not use key recovery certificate …Operational
85Active Directory Certificate Services ignored key recovery certificate …Application
85Active Directory Certificate Services ignored key recovery certificate …Operational
86Active Directory Certificate Services could not use the provider specified in …Application
86Active Directory Certificate Services could not use the provider specified in …Operational
87Active Directory Certificate Services could not use the default provider for …Application
87Active Directory Certificate Services could not use the default provider for …Operational
88Active Directory Certificate Services switched to the default provider for …Application
88Active Directory Certificate Services switched to the default provider for …Operational
90ExceptionLocation: Active Directory Certificate Services detected an exception …Application
90ExceptionLocation: Active Directory Certificate Services detected an exception …Operational
91Could not connect to the Active Directory.Application
91Could not connect to the Active DirectoryOperational
92Active Directory Certificate Services could not update security permissions.Application
92Active Directory Certificate Services could not update security permissionsOperational
93The certificate (#CACertIdentifier) of Active Directory Certificate Services …Application
93The certificate (#CACertIdentifier) of Active Directory Certificate Services …Operational
94Active Directory Certificate Services CACommonName can not open the certificate …Application
94Active Directory Certificate Services CACommonName can not open the certificate …Operational
95Security permissions are corrupted or missing.Application
95Security permissions are corrupted or missingOperational
96Active Directory Certificate Services could not create an encryption …Application
96Active Directory Certificate Services could not create an encryption certificateOperational
97Active Directory Certificate Services CACommonName will reduce the maximum …Application
97Active Directory Certificate Services CACommonName will reduce the maximum …Operational
98Active Directory Certificate Services encountered errors validating configured …Application
98Active Directory Certificate Services encountered errors validating configured …Operational
99Active Directory Certificate Services could not create cross certificate Version …Application
99Active Directory Certificate Services could not create cross certificate Version …Operational
100Active Directory Certificate Services did not start: Could not load or verify …Application
100Active Directory Certificate Services did not start: Could not load or verify …Operational
101Active Directory Certificate Services created CA cross certificate Version for …Application
101Active Directory Certificate Services created CA cross certificate Version forOperational
102Active Directory Certificate Services could not create cross certificate Version …Application
102Active Directory Certificate Services could not create cross certificate Version …Operational
103Active Directory Certificate Services added the root certificate of certificate …Application
103Active Directory Certificate Services added the root certificate of certificate …Operational
104Active Directory Certificate Services published certificate CACertIdentifier to …Application
104Active Directory Certificate Services published certificate CACertIdentifier toOperational
105Active Directory Certificate Services deleted invalid certificate …Application
105Active Directory Certificate Services deleted invalid certificate …Operational
106Active Directory Certificate Services cannot add certificate CACertIdentifier to …Application
106Active Directory Certificate Services cannot add certificate CACertIdentifier toOperational
107Active Directory Certificate Services cannot delete invalid certificate …Application
107Active Directory Certificate Services cannot delete invalid certificate …Operational
108Active Directory Certificate Services could not delete a Certificate for request …Application
108Active Directory Certificate Services could not delete a Certificate for request …Operational
109Active Directory Certificate Services could not delete a Certificate for request …Application
109Active Directory Certificate Services could not delete a Certificate for request …Operational
110Active Directory Certificate Services could not initialize the performance …Application
110Active Directory Certificate Services could not initialize the performance …Operational
111Active Directory Certificate Services upgrade failed because the upgrade path …Application
111Active Directory Certificate Services upgrade failed because the upgrade path …Operational
112Active Directory Certificate Services upgrade failed because information …Application
112Active Directory Certificate Services upgrade failed because information …Operational
113A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
113A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
114A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
114A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
115A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
115A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
116A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
116A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
117A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
117A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
118A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
118A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
121A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
121A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
122A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
122A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
123A portion of the Active Directory Certificate Services upgrade failed: Could not …Application
123A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
124Active Directory Certificate Services upgrade succeeded.Application
124Active Directory Certificate Services upgrade succeededOperational
125Active Directory Certificate Services upgrade failed.Application
125Active Directory Certificate Services upgrade failedOperational
126Current information about advanced features supported by this Certification …Application
126Current information about advanced features supported by this Certification …Operational
127Key recovery certificate KRACertIndex is about to expire soon and will not be …Application
127Key recovery certificate KRACertIndex is about to expire soon and will not be …Operational
128An Authority Key Identifier was passed as part of the certificate request …Application
128An Authority Key Identifier was passed as part of the certificate requestOperational
129An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration …Application
129An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration …Operational
130Active Directory Certificate Services could not create a certificate revocation …Application
130Active Directory Certificate Services could not create a certificate revocation …Operational
131An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL …Application
131An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL …Operational
132The certification authority (CA) was unable to perform a decryption operation.Application
132The certification authority (CA) was unable to perform a decryption operationOperational
133The certification authority (CA) failed to encode a server extension required to …Application
133The certification authority (CA) failed to encode a server extension required to …Operational
134A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Application
134A certificate in the chain for CA certificate CACertIdentifier for CACommonName …Operational
135Active Directory Certificate Services successfully created dummy key pair …Application
135Active Directory Certificate Services successfully created dummy key pair …Operational
136Active Directory Certificate Services could not create dummy key pair required …Application
136Active Directory Certificate Services could not create dummy key pair required …Operational
138Active Directory Certificate Services did not start: Unable to initialize OLE …Application
138Active Directory Certificate Services did not start: Unable to initialize OLE …Operational
139Active Directory Certificate Services did not start: The registry value …Application
139Active Directory Certificate Services did not start: The registry value …Operational
140Active Directory Certificate Services did not start: The registry value …Application
140Active Directory Certificate Services did not start: The registry value …Operational
141Active Directory Certificate Services did not start: LDAP URLs should not be …Application
141Active Directory Certificate Services did not start: LDAP URLs should not be …Operational
142Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be …Application
142Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be …Operational
143Active Directory Certificate Services did not start: At least one of the URLs …Application
143Active Directory Certificate Services did not start: At least one of the URLs …Operational
144Active Directory Certificate Services did not start: The current configuration …Application
144Active Directory Certificate Services did not start: The current configuration …Operational
145The Subject Key Identifier (SKI) computed by the certification authority (CA) …Application
145The Subject Key Identifier (SKI) computed by the certification authority (CA) …Operational
146Active Directory Certificate Services did not start: The registry value …Application
146Active Directory Certificate Services did not start: The registry value …Operational
1113194502Active Directory Certificate Services issued a certificate for request …Operational
1113194504Active Directory Certificate Services left request {RequestId} pending in the …Operational
1113194521Active Directory Certificate Services revoked the certificate for request …Operational
1113194522Active Directory Certificate Services for {CACommonName} was started.Operational
1113194525Active Directory Certificate Services issued a new Certificate Revocation List …Operational
1113194534Active Directory Certificate Services for {CACommonName} was stopped.Operational
1113194548Active Directory Certificate Services issued a certificate for request …Operational
1113194550Active Directory Certificate Services left request {RequestId} pending in the …Operational
1113194551Active Directory Certificate Services unrevoked the certificate for request …Operational
1113194552Active Directory Certificate Services denied request {RequestId}.Operational
1113194553Active Directory Certificate Services denied request {RequestId}.Operational
1113194564Active Directory Certificate Services successfully published Base CRL(s).Operational
1113194565Active Directory Certificate Services successfully published Delta CRL(s).Operational
1113194566Active Directory Certificate Services successfully published Base and Delta …Operational
1113194567Active Directory Certificate Services successfully published Base CRL(s) to …Operational
1113194568Active Directory Certificate Services successfully published Delta CRL(s) to …Operational
1113194569Active Directory Certificate Services successfully published Base and Delta …Operational
1113194572The '{PolicyModuleDescription}' Policy Module logged the following information: …Operational
1113194597Active Directory Certificate Services created CA cross certificate {Version} for …Operational
1113194620Active Directory Certificate Services upgrade succeeded.Operational
2186805251Request failed.Operational
2186936327Active Directory Certificate Services denied request {RequestId} because …Operational
2186936368Revocation status for a certificate in the chain for CA certificate …Operational
2186936369A certificate in the chain for CA certificate {CACertIdentifier} for …Operational
2186936373Active Directory Certificate Services denied request {RequestId} because …Operational
2186936382Active Directory Certificate Services had problems loading valid CRL publication …Operational
2186936397The '{PolicyModuleDescription}' Policy Module logged the following warning: …Operational
2186936399Active Directory Certificate Services could not publish a Certificate for …Operational
2186936400Active Directory Certificate Services could not publish a Certificate for …Operational
2186936406Active Directory Certificate Services could not use the provider specified in …Operational
2186936408Active Directory Certificate Services switched to the default provider for …Operational
2186936413The certificate (#{CACertIdentifier}) of Active Directory Certificate Services …Operational
2186936414Active Directory Certificate Services {CACommonName} can not open the …Operational
2186936417Active Directory Certificate Services {CACommonName} will reduce the maximum …Operational
2186936423Active Directory Certificate Services added the root certificate of certificate …Operational
2186936424Active Directory Certificate Services published certificate {CACertIdentifier} …Operational
2186936425Active Directory Certificate Services deleted invalid certificate …Operational
2186936428Active Directory Certificate Services could not delete a Certificate for request …Operational
2186936429Active Directory Certificate Services could not delete a Certificate for request …Operational
2186936430Active Directory Certificate Services could not initialize the performance …Operational
2186936433A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936434A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936435A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936436A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936437A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936438A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936439A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936440A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936441A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936442A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936443A portion of the Active Directory Certificate Services upgrade failed: Could not …Operational
2186936447Key recovery certificate {KRACertIndex} is about to expire soon and will not be …Operational
2186936448An Authority Key Identifier was passed as part of the certificate request …Operational
2186936449An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration …Operational
2186936451An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL …Operational
3260678149Active Directory Certificate Services could not find required registry …Operational
3260678153The Active Directory Certificate Services did not start: Unable to load an …Operational
3260678154Active Directory Certificate Services were unable to build a new certificate or …Operational
3260678159Active Directory Certificate Services did not start: Version does not match …Operational
3260678160Active Directory Certificate Services did not start: Unable to initialize OLE: …Operational
3260678161Active Directory Certificate Services did not start: Unable to initialize the …Operational
3260678163Active Directory Certificate Services did not start: The Subject Name Template …Operational
3260678164Active Directory Certificate Services did not start: The Certificate Date …Operational
3260678165Active Directory Certificate Services could not process request {RequestId} due …Operational
3260678166Active Directory Certificate Services could not process request {RequestId} due …Operational
3260678167Active Directory Certificate Services could not process request {RequestId} due …Operational
3260678171Active Directory Certificate Services did not start: Hierarchical setup is …Operational
3260678172Active Directory Certificate Services did not start: The Certificate Revocation …Operational
3260678177Active Directory Certificate Services did not start: Could not create the …Operational
3260678178Active Directory Certificate Services did not start: Could not initialize RPC …Operational
3260678179Active Directory Certificate Services did not start: Could not initialize OLE …Operational
3260678183Active Directory Certificate Services did not start: The Certification Authority …Operational
3260678184Active Directory Certificate Services did not start: Could not initialize DCOM …Operational
3260678185Active Directory Certificate Services did not start: Could not initialize DCOM …Operational
3260678186Could not build a certificate chain for CA certificate {CACertIdentifier} for …Operational
3260678187The '{PolicyModuleDescription}' Policy Module '{MethodName}' method caused an …Operational
3260678188The '{PolicyModuleDescription}' Policy Module '{MethodName}' method returned an …Operational
3260678189The '{ExitModuleDescription}' Exit Module '{MethodName}' method caused an …Operational
3260678190The '{ExitModuleDescription}' Exit Module '{MethodName}' method returned an …Operational
3260678195A certificate in the chain for CA certificate {CACertIdentifier} for …Operational
3260678202A certificate in the chain for CA certificate {CACertIdentifier} for …Operational
3260678203Active Directory Certificate Services did not start: Could not connect to the …Operational
3260678204Active Directory Certificate Services refused to process an extremely long …Operational
3260678207Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.Operational
3260678208Active Directory Certificate Services cannot publish enrollment access changes …Operational
3260678209Active Directory Certificate Services could not publish a Base CRL for key …Operational
3260678210Active Directory Certificate Services could not publish a Delta CRL for key …Operational
3260678211Active Directory Certificate Services made {NumberOfAttempts} attempts to …Operational
3260678218Active Directory Certificate Services could not publish a Base CRL for key …Operational
3260678219Active Directory Certificate Services could not publish a Delta CRL for key …Operational
3260678222The '{PolicyModuleDescription}' Policy Module logged the following error: …Operational
3260678225Active Directory Certificate Services key archival is only supported on Advanced …Operational
3260678226Active Directory Certificate Services could only verify {NumberOfValidKRACerts} …Operational
3260678227Active Directory Certificate Services encountered an error loading key recovery …Operational
3260678228Active Directory Certificate Services will not use key recovery certificate …Operational
3260678229Active Directory Certificate Services ignored key recovery certificate …Operational
3260678231Active Directory Certificate Services could not use the default provider for …Operational
3260678234{ExceptionLocation}: Active Directory Certificate Services detected an exception …Operational
3260678235Could not connect to the Active Directory.Operational
3260678236Active Directory Certificate Services could not update security permissions.Operational
3260678239Security permissions are corrupted or missing.Operational
3260678240Active Directory Certificate Services could not create an encryption …Operational
3260678242Active Directory Certificate Services encountered errors validating configured …Operational
3260678243Active Directory Certificate Services could not create cross certificate …Operational
3260678244Active Directory Certificate Services did not start: Could not load or verify …Operational
3260678246Active Directory Certificate Services could not create cross certificate …Operational
3260678250Active Directory Certificate Services cannot add certificate {CACertIdentifier} …Operational
3260678251Active Directory Certificate Services cannot delete invalid certificate …Operational
3260678255Active Directory Certificate Services upgrade failed because the upgrade path …Operational
3260678256Active Directory Certificate Services upgrade failed because information …Operational
3260678269Active Directory Certificate Services upgrade failed.Operational
3260678270Current information about advanced features supported by this Certification …Operational
3260678274Active Directory Certificate Services could not create a certificate revocation …Operational
3260678276The certification authority (CA) was unable to perform a decryption operation.Operational
3260678277The certification authority (CA) failed to encode a server extension required to …Operational

Event ID 5: Active Directory Certificate Services could not find required registry information.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not find required registry information. The Active Directory Certificate Services may need to be reinstalled.

Message #

Active Directory Certificate Services could not find required registry information.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 5: Active Directory Certificate Services could not find required registry information

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not find required registry information. The Active Directory Certificate Services may need to be reinstalled.

Event ID 6: Active Directory Certificate Services issued a certificate for request RequestId for SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services issued a certificate for request RequestId for SubjectName.

Message #

Active Directory Certificate Services issued a certificate for request %1 for %2.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 6: Active Directory Certificate Services issued a certificate for request RequestId for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services issued a certificate for request for .

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 7: Active Directory Certificate Services denied request RequestId because Reason.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services denied request RequestId because Reason. The request was for SubjectName.

Message #

Active Directory Certificate Services denied request %1 because %2.  The request was for %3.

Fields #

NameDescription
RequestId UnicodeString
Reason UnicodeString
SubjectName UnicodeString

Event ID 7: Active Directory Certificate Services denied request RequestId because

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request because . The request was for .

Fields #

NameDescription
RequestId UnicodeString
Reason UnicodeString
SubjectName UnicodeString

Event ID 8: Active Directory Certificate Services left request RequestId pending in the queue for SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services left request RequestId pending in the queue for SubjectName.

Message #

Active Directory Certificate Services left request %1 pending in the queue for %2.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 8: Active Directory Certificate Services left request RequestId pending in the queue for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services left request pending in the queue for .

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 9: The Active Directory Certificate Services did not start: Unable to load an external policy module.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Message #

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Event ID 9: The Active Directory Certificate Services did not start: Unable to load an external policy module

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Event ID 10: Active Directory Certificate Services were unable to build a new certificate or certificate chain: ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services were unable to build a new certificate or certificate chain: ErrorCode.

Message #

Active Directory Certificate Services were unable to build a new certificate or certificate chain: %1.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 10: Active Directory Certificate Services were unable to build a new certificate or certificate chain:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services were unable to build a new certificate or certificate chain: .

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 15: Active Directory Certificate Services did not start: Version does not match certif.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Version does not match certif.dll.

Message #

Active Directory Certificate Services did not start: Version does not match certif.dll.

Event ID 15: Active Directory Certificate Services did not start: Version does not match certif

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Version does not match certif.dll.

Event ID 16: Active Directory Certificate Services did not start: Unable to initialize OLE: ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Unable to initialize OLE: ErrorCode.

Message #

Active Directory Certificate Services did not start: Unable to initialize OLE: %1.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 16: Active Directory Certificate Services did not start: Unable to initialize OLE:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Unable to initialize OLE: .

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 17: Active Directory Certificate Services did not start: Unable to initialize the database connection for Name.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

Active Directory Certificate Services did not start: Unable to initialize the database connection for Name. CACommonName.

Message #

Active Directory Certificate Services did not start: Unable to initialize the database connection for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 17,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T23:06:28.978789+00:00",
    "event_record_id": 4237,
    "correlation": {},
    "execution": {
      "process_id": 13508,
      "thread_id": 10540
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_DB_INIT_FAILED",
    "CACommonName": "EvtGen-Root-CA",
    "ErrorCode": "Certificate service has been suspended for a database restore operation. 0x80094006 (-2146877434 CERTSRV_E_SERVER_SUSPENDED)"
  },
  "message": ""
}

Event ID 17: Active Directory Certificate Services did not start: Unable to initialize the database connection for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services did not start: Unable to initialize the database connection for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 17,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:06:28.9787899+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "Certificate service has been suspended for a database restore operation. 0x80094006 (-2146877434 CERTSRV_E_SERVER_SUSPENDED)",
    "CACommonName": "EvtGen-Root-CA"
  }
}

Event ID 19: Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\SubjectTemplate is invalid. An example of a valid string is: CommonName OrganizationalUnit Organization Locality State Country

Message #

Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\SubjectTemplate is invalid.  An example of a valid string is: CommonName OrganizationalUnit Organization Locality State Country

Fields #

NameDescription
CACommonName UnicodeString

Event ID 19: Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\S...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString

Event ID 20: Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\Cu...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\ValidityPeriod is invalid. Valid strings are "Seconds", "Minutes", "Hours", "Days", "Weeks", "Months" and "Years".

Message #

Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\ValidityPeriod is invalid.  Valid strings are "Seconds", "Minutes", "Hours", "Days", "Weeks", "Months" and "Years".

Fields #

NameDescription
CACommonName UnicodeString

Event ID 20: Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CAC...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString

Event ID 21: Active Directory Certificate Services could not process request Name due to an error: RequestId.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

Active Directory Certificate Services could not process request Name due to an error: RequestId. The request was for ErrorCode.

Message #

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 21,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T20:24:03.969860+00:00",
    "event_record_id": 3714,
    "correlation": {},
    "execution": {
      "process_id": 9432,
      "thread_id": 6164
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_PROCESS_REQUEST_FAILED",
    "RequestId": "1",
    "ErrorCode": "The request's current status does not allow this operation. 0x80094003 (-2146877437 CERTSRV_E_BAD_REQUESTSTATUS)",
    "SubjectName": "CN=EvtGen-Root-CA, DC=ludus, DC=domain"
  },
  "message": ""
}

Event ID 21: Active Directory Certificate Services could not process request RequestId due to an error:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services could not process request due to an error: . The request was for .

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 21,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:24:03.9698601+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "The request's current status does not allow this operation. 0x80094003 (-2146877437 CERTSRV_E_BAD_REQUESTSTATUS)",
    "SubjectName": "CN=EvtGen-Root-CA, DC=ludus, DC=domain",
    "RequestId": "1"
  }
}

Event ID 22: Active Directory Certificate Services could not process request RequestId due to an error: ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not process request RequestId due to an error: ErrorCode. The request was for SubjectName. Additional information: AdditionalInformation.

Message #

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.  Additional information: %4

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 22: Active Directory Certificate Services could not process request RequestId due to an error:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not process request due to an error: . The request was for . Additional information.

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 23: Active Directory Certificate Services could not process request RequestId due to an error: ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not process request RequestId due to an error: ErrorCode. The request was for SubjectName. The certificate would contain an encoded length that is potentially incompatible with older enrollment software. Submit a new request using different length input data for the following field: Field

Message #

Active Directory Certificate Services could not process request %1 due to an error: %2.  The request was for %3.  The certificate would contain an encoded length that is potentially incompatible with older enrollment software.  Submit a new request using different length input data for the following field: %4

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString
Field UnicodeString

Event ID 23: Active Directory Certificate Services could not process request RequestId due to an error:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
RequestId UnicodeString
ErrorCode UnicodeString
SubjectName UnicodeString
Field UnicodeString

Event ID 25: Active Directory Certificate Services revoked the certificate for request RequestId for SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services revoked the certificate for request RequestId for SubjectName.

Message #

Active Directory Certificate Services revoked the certificate for request %1 for %2.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 25: Active Directory Certificate Services revoked the certificate for request RequestId for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services revoked the certificate for request for .

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 26: Active Directory Certificate Services for Name was started.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Informational

Description

Active Directory Certificate Services for Name was started.CACommonNameDCSpecifier.

Message #

Active Directory Certificate Services for %1 was started.%2%3

Fields #

NameDescription
CACommonName UnicodeString
DCSpecifier UnicodeString
DCName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 26,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T20:16:52.465174+00:00",
    "event_record_id": 3703,
    "correlation": {},
    "execution": {
      "process_id": 9432,
      "thread_id": 1156
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_I_SERVER_STARTED",
    "CACommonName": "EvtGen-Root-CA",
    "DCSpecifier": "  DC=",
    "DCName": "LAB-DC01.ludus.domain"
  },
  "message": ""
}

Event ID 26: Active Directory Certificate Services for CACommonName was started

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

Active Directory Certificate Services for was started.

Fields #

NameDescription
CACommonName UnicodeString
DCSpecifier UnicodeString
DCName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 26,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:52.4651741+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "DCName": "JD-DC01-2022.ludus.domain",
    "CACommonName": "EvtGen-Root-CA",
    "DCSpecifier": "  DC="
  }
}

Event ID 27: Active Directory Certificate Services did not start: Hierarchical setup is incomplete.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Hierarchical setup is incomplete. Use the request file in RequestFileName.req to obtain a certificate for this Certificate Server, and use the Certification Authority administration tool to install the new certificate and complete the installation.

Message #

Active Directory Certificate Services did not start: Hierarchical setup is incomplete.  Use the request file in %1.req to obtain a certificate for this Certificate Server, and use the Certification Authority administration tool to install the new certificate and complete the installation.

Fields #

NameDescription
RequestFileName UnicodeString

Event ID 27: Active Directory Certificate Services did not start: Hierarchical setup is incomplete

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
RequestFileName UnicodeString

Event ID 33: Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for CACommonName. ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 33: Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 34: Active Directory Certificate Services did not start: Could not initialize RPC for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not initialize RPC for CACommonName. ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not initialize RPC for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 34: Active Directory Certificate Services did not start: Could not initialize RPC for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize RPC for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 35: Active Directory Certificate Services did not start: Could not initialize OLE for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not initialize OLE for CACommonName. ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not initialize OLE for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 35: Active Directory Certificate Services did not start: Could not initialize OLE for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize OLE for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 38: Active Directory Certificate Services for Name was stopped.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Informational

Description

Active Directory Certificate Services for Name was stopped.

Message #

Active Directory Certificate Services for %1 was stopped.

Fields #

NameDescription
CACommonName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 38,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T23:05:17.631827+00:00",
    "event_record_id": 4209,
    "correlation": {},
    "execution": {
      "process_id": 3920,
      "thread_id": 3924
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_I_SERVER_STOPPED",
    "CACommonName": "EvtGen-Root-CA"
  },
  "message": ""
}

Event ID 38: Active Directory Certificate Services for CACommonName was stopped

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

Active Directory Certificate Services for was stopped.

Fields #

NameDescription
CACommonName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 38,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:05:17.6318277+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "CACommonName": "EvtGen-Root-CA"
  }
}

Event ID 39: Active Directory Certificate Services did not start: The Certification Authority DCOM class for CACommonName could not be registered.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

Active Directory Certificate Services did not start: The Certification Authority DCOM class for CACommonName could not be registered. ErrorCode. Use the services administration tool to change the Certification Authority logon context.

Message #

Active Directory Certificate Services did not start: The Certification Authority DCOM class for %1 could not be registered.  %2.  Use the services administration tool to change the Certification Authority logon context.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "{6a71d062-9afe-4f35-ad08-52134f85dfb9}",
    "event_source_name": "",
    "event_id": 39,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 21:22:34.260563+00:00",
    "event_record_id": 4803,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 9476,
      "thread_id": 8968
    },
    "channel": "Application",
    "computer": "EX-DC01-2022.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "CACommonName": "ludus-CA",
    "ErrorCode": "The class is configured to run as a security id different from the caller 0x80004015 (-2147467243 CO_E_WRONG_SERVER_IDENTITY)"
  },
  "message": ""
}

Event ID 39: Active Directory Certificate Services did not start: The Certification Authority DCOM class for CACommonName could not be registered

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 40: Active Directory Certificate Services did not start: Could not initialize DCOM class factories for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for CACommonName. ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 40: Active Directory Certificate Services did not start: Could not initialize DCOM class factories for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 42: Could not build a certificate chain for CA certificate CACertIdentifier for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Could not build a certificate chain for CA certificate CACertIdentifier for CACommonName. ErrorCode.

Message #

Could not build a certificate chain for CA certificate %3 for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 42: Could not build a certificate chain for CA certificate CACertIdentifier for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Could not build a certificate chain for CA certificate for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 43: The "PolicyModuleDescription" Policy Module "MethodName" method caused an exception at address ExceptionAddress.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The "PolicyModuleDescription" Policy Module "MethodName" method caused an exception at address ExceptionAddress. The exception code is ExceptionCode.

Message #

The "%1" Policy Module "%2" method caused an exception at address %4.  The exception code is %3.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
MethodName UnicodeString
ExceptionCode UnicodeString
ExceptionAddress UnicodeString

Event ID 43: The "PolicyModuleDescription" Policy Module "MethodName" method caused an exception at address

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The "PolicyModuleDescription" Policy Module "MethodName" method caused an exception at address ExceptionAddress. The exception code is ExceptionCode.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
MethodName UnicodeString
ExceptionCode UnicodeString
ExceptionAddress UnicodeString

Event ID 44: The "Name" Policy Module "PolicyModuleDescription" method returned an error.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

The "Name" Policy Module "PolicyModuleDescription" method returned an error. param4 The returned status code is MethodName. ErrorCode.

Message #

The "%1" Policy Module "%2" method returned an error. %5 The returned status code is %3.  %4

Fields #

NameDescription
PolicyModuleDescription UnicodeString
MethodName UnicodeString
ErrorCode UnicodeString
param4 UnicodeString
ErrorString UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 44,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T21:48:47.682649+00:00",
    "event_record_id": 3798,
    "correlation": {},
    "execution": {
      "process_id": 3920,
      "thread_id": 3924
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_POLICY_ERROR",
    "PolicyModuleDescription": "Windows default",
    "MethodName": "Initialize",
    "ErrorCode": "0x8007054b (1355)",
    "param4": "The Active Directory containing the Certification Authority could not be contacted.\r\n",
    "ErrorString": "The specified domain either does not exist or could not be contacted."
  },
  "message": ""
}

Event ID 44: The "PolicyModuleDescription" Policy Module "MethodName" method returned an error

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

The "PolicyModuleDescription" Policy Module "MethodName" method returned an error. ErrorString The returned status code is ErrorCode. param4.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
MethodName UnicodeString
ErrorCode UnicodeString
param4 UnicodeString
ErrorString UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 44,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T21:48:47.6826498+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "0x8007054b (1355)",
    "MethodName": "Initialize",
    "ErrorString": "The specified domain either does not exist or could not be contacted.",
    "param4": "The Active Directory containing the Certification Authority could not be contacted.\n",
    "PolicyModuleDescription": "Windows default"
  }
}

Event ID 45: The "ExitModuleDescription" Exit Module "MethodName" method caused an exception at address ExceptionAddress.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The "ExitModuleDescription" Exit Module "MethodName" method caused an exception at address ExceptionAddress. The exception code is ExceptionCode.

Message #

The "%1" Exit Module "%2" method caused an exception at address %4.  The exception code is %3.

Fields #

NameDescription
ExitModuleDescription UnicodeString
MethodName UnicodeString
ExceptionCode UnicodeString
ExceptionAddress UnicodeString

Event ID 45: The "ExitModuleDescription" Exit Module "MethodName" method caused an exception at address

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The "ExitModuleDescription" Exit Module "MethodName" method caused an exception at address ExceptionAddress. The exception code is ExceptionCode.

Fields #

NameDescription
ExitModuleDescription UnicodeString
MethodName UnicodeString
ExceptionCode UnicodeString
ExceptionAddress UnicodeString

Event ID 46: The "ExitModuleDescription" Exit Module "MethodName" method returned an error.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The "ExitModuleDescription" Exit Module "MethodName" method returned an error. ErrorString The returned status code is ErrorCode. param4.

Message #

The "%1" Exit Module "%2" method returned an error. %5 The returned status code is %3.  %4

Fields #

NameDescription
ExitModuleDescription UnicodeString
MethodName UnicodeString
ErrorCode UnicodeString
param4 UnicodeString
ErrorString UnicodeString

Event ID 46: The "ExitModuleDescription" Exit Module "MethodName" method returned an error

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The "ExitModuleDescription" Exit Module "MethodName" method returned an error. ErrorString The returned status code is ErrorCode. param4.

Fields #

NameDescription
ExitModuleDescription UnicodeString
MethodName UnicodeString
ErrorCode UnicodeString
param4 UnicodeString
ErrorString UnicodeString

Event ID 48: Revocation status for a certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because a server is currently unavailable.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Revocation status for a certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because a server is currently unavailable. ErrorCode.

Message #

Revocation status for a certificate in the chain for CA certificate %3 for %1 could not be verified because a server is currently unavailable.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 48: Revocation status for a certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because a server is currently unavailable

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Revocation status for a certificate in the chain for CA certificate for could not be verified because a server is currently unavailable. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 49: A certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because no information is available describing how to check the revoc...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because no information is available describing how to check the revocation status. ErrorCode.

Message #

A certificate in the chain for CA certificate %3 for %1 could not be verified because no information is available describing how to check the revocation status.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 49: A certificate in the chain for CA certificate CACertIdentifier for CACommonName could not be verified because no information is available describing how to check the revocation status

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate for could not be verified because no information is available describing how to check the revocation status. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 51: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has been revoked.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A certificate in the chain for CA certificate CACertIdentifier for CACommonName has been revoked. ErrorCode.

Message #

A certificate in the chain for CA certificate %3 for %1 has been revoked.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 51: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has been revoked

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate for has been revoked. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 52: Active Directory Certificate Services issued a certificate for request RequestId for SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services issued a certificate for request RequestId for SubjectName. Additional information: AdditionalInformation.

Message #

Active Directory Certificate Services issued a certificate for request %1 for %2.  Additional information: %3

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 52: Active Directory Certificate Services issued a certificate for request RequestId for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services issued a certificate for request for . Additional information.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 53: Active Directory Certificate Services denied request Name because RequestId.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Warning

Description

Active Directory Certificate Services denied request Name because RequestId. The request was for Reason. Additional information: SubjectName.

Message #

Active Directory Certificate Services denied request %1 because %2.  The request was for %3.  Additional information: %4

Fields #

NameDescription
RequestId UnicodeString
Reason UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 53,
    "version": 0,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T20:16:58.388339+00:00",
    "event_record_id": 3704,
    "correlation": {},
    "execution": {
      "process_id": 9432,
      "thread_id": 10184
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_DN_CERT_DENIED_WITH_INFO",
    "RequestId": "2",
    "Reason": "The request contains no certificate template information. 0x80094801 (-2146875391 CERTSRV_E_NO_CERT_TYPE)",
    "SubjectName": "CN=EvtGenTestCert, O=Test, L=Test, S=Test, C=US",
    "AdditionalInformation": "Denied by Policy Module  0x80094801, The request does not contain a certificate template extension or the CertificateTemplate request attribute.\r\n"
  },
  "message": ""
}

Detection Rules #

View all rules referencing this event →

Sigma # view in coverage

Event ID 53: Active Directory Certificate Services denied request RequestId because

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Description

Active Directory Certificate Services denied request because . The request was for . Additional information.

Fields #

NameDescription
RequestId UnicodeString
Reason UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 53,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:58.3883392+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "AdditionalInformation": "Denied by Policy Module  0x80094801, The request does not contain a certificate template extension or the CertificateTemplate request attribute.\n",
    "Reason": "The request contains no certificate template information. 0x80094801 (-2146875391 CERTSRV_E_NO_CERT_TYPE)",
    "SubjectName": "CN=EvtGenTestCert, O=Test, L=Test, S=Test, C=US",
    "RequestId": "2"
  }
}

Detection Rules #

View all rules referencing this event →

Sigma # view in coverage

Event ID 54: Active Directory Certificate Services left request RequestId pending in the queue for SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services left request RequestId pending in the queue for SubjectName. Additional information: AdditionalInformation.

Message #

Active Directory Certificate Services left request %1 pending in the queue for %2.  Additional information: %3

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 54: Active Directory Certificate Services left request RequestId pending in the queue for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services left request pending in the queue for . Additional information.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 56: Active Directory Certificate Services denied request RequestId.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services denied request RequestId. The request was for SubjectName.

Message #

Active Directory Certificate Services denied request %1.  The request was for %2.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 56: Active Directory Certificate Services denied request

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request . The request was for .

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString

Event ID 57: Active Directory Certificate Services denied request RequestId.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services denied request RequestId. The request was for SubjectName. Additional information: AdditionalInformation.

Message #

Active Directory Certificate Services denied request %1.  The request was for %2.  Additional information: %3

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 57: Active Directory Certificate Services denied request

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request . The request was for . Additional information.

Fields #

NameDescription
RequestId UnicodeString
SubjectName UnicodeString
AdditionalInformation UnicodeString

Event ID 58: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired. ErrorCode.

Message #

A certificate in the chain for CA certificate %3 for %1 has expired.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 58: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate for has expired. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 59: Active Directory Certificate Services did not start: Could not connect to the Active Directory for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not connect to the Active Directory for CACommonName. ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not connect to the Active Directory for %1.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 59: Active Directory Certificate Services did not start: Could not connect to the Active Directory for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not connect to the Active Directory for . .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 60: Active Directory Certificate Services refused to process an extremely long request from SubjectName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services refused to process an extremely long request from SubjectName. This may indicate a denial-of-service attack. If the request was rejected in error, modify the MaxIncomingMessageSize registry parameter via certutil -setreg CA\MaxIncomingMessageSize <bytes>. Unless verbose logging is enabled, this error will not be logged again for 20 minutes.

Message #

Active Directory Certificate Services refused to process an extremely long request from %1. This may indicate a denial-of-service attack. If the request was rejected in error, modify the MaxIncomingMessageSize registry parameter via 
certutil -setreg CA\MaxIncomingMessageSize <bytes>.

Unless verbose logging is enabled, this error will not be logged again for 20 minutes.

Fields #

NameDescription
SubjectName UnicodeString

Event ID 60: Active Directory Certificate Services refused to process an extremely long request from

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
SubjectName UnicodeString

Event ID 62: Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Message #

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Event ID 62: Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Event ID 63: Active Directory Certificate Services did not start: CACommonName ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: CACommonName ErrorCode.

Message #

Active Directory Certificate Services did not start: %1 %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 63: Active Directory Certificate Services did not start: CACommonName

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 64: Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Message #

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Event ID 64: Active Directory Certificate Services cannot publish enrollment access changes to Active Directory

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Event ID 65: Active Directory Certificate Services could not publish a Base CRL for key Name to the following location: CAKeyIdentifier.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

Active Directory Certificate Services could not publish a Base CRL for key Name to the following location: CAKeyIdentifier. URL.param4param5.

Message #

Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location: %2.  %3.%5%6

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 65,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T23:06:22.153985+00:00",
    "event_record_id": 4222,
    "correlation": {},
    "execution": {
      "process_id": 13036,
      "thread_id": 13344
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_BASE_CRL_PUBLICATION",
    "CAKeyIdentifier": "0",
    "URL": "http://crl.ludus.domain/crldist/EvtGen-Root-CA.crl",
    "ErrorMessageText": "The specified path is invalid. 0x800700a1 (WIN32/HTTP: 161 ERROR_BAD_PATHNAME)",
    "param4": "",
    "param5": "",
    "AdditionalErrorMessage": ""
  },
  "message": ""
}

Event ID 65: Active Directory Certificate Services could not publish a Base CRL for key CAKeyIdentifier to the following location:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services could not publish a Base CRL for key to the following location: . .

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 65,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:06:22.1539855+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "URL": "http://crl.ludus.domain/crldist/EvtGen-Root-CA.crl",
    "AdditionalErrorMessage": "",
    "param4": "",
    "ErrorMessageText": "The specified path is invalid. 0x800700a1 (WIN32/HTTP: 161 ERROR_BAD_PATHNAME)",
    "CAKeyIdentifier": "0",
    "param5": ""
  }
}

Event ID 66: Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location: URL.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location: URL. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location: %2.  %3.%5%6

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 66: Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Delta CRL for key to the following location: . .

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 67: Active Directory Certificate Services made NumberOfAttempts attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services made NumberOfAttempts attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Message #

Active Directory Certificate Services made %1 attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Fields #

NameDescription
NumberOfAttempts UnicodeString

Event ID 67: Active Directory Certificate Services made NumberOfAttempts attempts to publish a CRL and will stop publishing attempts until the next CRL is generated

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services made attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Fields #

NameDescription
NumberOfAttempts UnicodeString

Event ID 68: Active Directory Certificate Services successfully published Base CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Base CRL(s).

Message #

Active Directory Certificate Services successfully published Base CRL(s).

Event ID 68: Active Directory Certificate Services successfully published Base CRL(s)

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base CRL(s).

Event ID 69: Active Directory Certificate Services successfully published Delta CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Delta CRL(s).

Message #

Active Directory Certificate Services successfully published Delta CRL(s).

Event ID 69: Active Directory Certificate Services successfully published Delta CRL(s)

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Delta CRL(s).

Event ID 70: Active Directory Certificate Services successfully published Base and Delta CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Message #

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Event ID 70: Active Directory Certificate Services successfully published Base and Delta CRL(s)

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Event ID 71: Active Directory Certificate Services successfully published Base CRL(s) to server HostName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Base CRL(s) to server HostName.

Message #

Active Directory Certificate Services successfully published Base CRL(s) to server %1.

Fields #

NameDescription
HostName UnicodeString

Event ID 71: Active Directory Certificate Services successfully published Base CRL(s) to server

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

Active Directory Certificate Services successfully published Base CRL(s) to server .

Fields #

NameDescription
HostName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "{6A71D062-9AFE-4F35-AD08-52134F85DFB9}",
    "event_source_name": "",
    "event_id": 71,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": -9223372036854775808,
    "time_created": "2026-05-30T01:38:44.6100892+00:00",
    "event_record_id": 253121,
    "correlation": {
      "ActivityID": "{A34AE51E-3B5A-4697-B3E5-8B64042E4293}"
    },
    "execution": {
      "process_id": 13200,
      "thread_id": 11308
    },
    "channel": "Application",
    "computer": "JD-DC01-2022.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "HostName": "JD-DC01-2022.ludus.domain"
  },
  "message": "Active Directory Certificate Services successfully published Base CRL(s) to server JD-DC01-2022.ludus.domain."
}

Event ID 72: Active Directory Certificate Services successfully published Delta CRL(s) to server HostName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Delta CRL(s) to server HostName.

Message #

Active Directory Certificate Services successfully published Delta CRL(s) to server %1.

Fields #

NameDescription
HostName UnicodeString

Event ID 72: Active Directory Certificate Services successfully published Delta CRL(s) to server

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Delta CRL(s) to server .

Fields #

NameDescription
HostName UnicodeString

Event ID 73: Active Directory Certificate Services successfully published Base and Delta CRL(s) to server HostName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server HostName.

Message #

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server %1.

Fields #

NameDescription
HostName UnicodeString

Event ID 73: Active Directory Certificate Services successfully published Base and Delta CRL(s) to server

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server .

Fields #

NameDescription
HostName UnicodeString

Event ID 74: Active Directory Certificate Services could not publish a Base CRL for key CAKeyIdentifier to the following location on server HostName: URL.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not publish a Base CRL for key CAKeyIdentifier to the following location on server HostName: URL. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not publish a Base CRL for key %1 to the following location on server %4: %2.  %3.%5%6

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 74: Active Directory Certificate Services could not publish a Base CRL for key CAKeyIdentifier to the following location on server HostName:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Base CRL for key to the following location on server : . .

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 75: Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location on server HostName: URL.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location on server HostName: URL. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not publish a Delta CRL for key %1 to the following location on server %4: %2.  %3.%5%6

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 75: Active Directory Certificate Services could not publish a Delta CRL for key CAKeyIdentifier to the following location on server HostName:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Delta CRL for key to the following location on server : . .

Fields #

NameDescription
CAKeyIdentifier UnicodeString
URL UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 76: The "PolicyModuleDescription" Policy Module logged the following information: InformationMessage.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The "PolicyModuleDescription" Policy Module logged the following information: InformationMessage.

Message #

The "%1" Policy Module logged the following information: %2

Fields #

NameDescription
PolicyModuleDescription UnicodeString
InformationMessage UnicodeString

Event ID 76: The "PolicyModuleDescription" Policy Module logged the following information:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

The "PolicyModuleDescription" Policy Module logged the following information: InformationMessage.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
InformationMessage UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "{6A71D062-9AFE-4F35-AD08-52134F85DFB9}",
    "event_source_name": "",
    "event_id": 76,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": -9223372036854775808,
    "time_created": "2026-05-30T01:34:11.3882555+00:00",
    "event_record_id": 253093,
    "correlation": {},
    "execution": {
      "process_id": 13200,
      "thread_id": 12088
    },
    "channel": "Application",
    "computer": "JD-DC01-2022.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "PolicyModuleDescription": "Windows default",
    "InformationMessage": "The Administrator(v4.1): V1(0.0s) Certificate Template was loaded.\n"
  },
  "message": "The \"Windows default\" Policy Module logged the following information: The Administrator(v4.1): V1(0.0s) Certificate Template was loaded.\r\n"
}

Event ID 77: The "Name" Policy Module logged the following warning: PolicyModuleDescription.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Warning

Description

The "Name" Policy Module logged the following warning: PolicyModuleDescription.

Message #

The "%1" Policy Module logged the following warning: %2

Fields #

NameDescription
PolicyModuleDescription UnicodeString
WarningMessage UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 77,
    "version": 0,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T20:24:03.481197+00:00",
    "event_record_id": 3713,
    "correlation": {},
    "execution": {
      "process_id": 9432,
      "thread_id": 6164
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_POLICY_LOG_WARNING",
    "PolicyModuleDescription": "Windows default",
    "WarningMessage": "The Active Directory connection to LAB-DC01.ludus.domain has been reestablished to LAB-DC01.ludus.domain.\r\n"
  },
  "message": ""
}

Event ID 77: The "PolicyModuleDescription" Policy Module logged the following warning:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Description

The "PolicyModuleDescription" Policy Module logged the following warning: WarningMessage.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
WarningMessage UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 77,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:24:03.4811975+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "WarningMessage": "The Active Directory connection to JD-DC01-2022.ludus.domain has been reestablished to JD-DC01-2022.ludus.domain.\n",
    "PolicyModuleDescription": "Windows default"
  }
}

Event ID 78: The "PolicyModuleDescription" Policy Module logged the following error: ErrorMessage.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The "PolicyModuleDescription" Policy Module logged the following error: ErrorMessage.

Message #

The "%1" Policy Module logged the following error: %2

Fields #

NameDescription
PolicyModuleDescription UnicodeString
ErrorMessage UnicodeString

Event ID 78: The "PolicyModuleDescription" Policy Module logged the following error:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The "PolicyModuleDescription" Policy Module logged the following error: ErrorMessage.

Fields #

NameDescription
PolicyModuleDescription UnicodeString
ErrorMessage UnicodeString

Event ID 79: Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location: DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location: DN. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not publish a Certificate for request %1 to the following location: %2.  %3.%5%6

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 79: Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Certificate for request to the following location: . .

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 80: Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location on server HostName: DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location on server HostName: DN. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not publish a Certificate for request %1 to the following location on server %4: %2.  %3.%5%6

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 80: Active Directory Certificate Services could not publish a Certificate for request RequestId to the following location on server HostName:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Certificate for request to the following location on server : . .

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 81: Active Directory Certificate Services key archival is only supported on Advanced Server.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services key archival is only supported on Advanced Server. ErrorCode.

Message #

Active Directory Certificate Services key archival is only supported on Advanced Server.  %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 81: Active Directory Certificate Services key archival is only supported on Advanced Server

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services key archival is only supported on Advanced Server.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 82: Active Directory Certificate Services could only verify NumberOfValidKRACerts of RequiredNumberOfValidKRACerts key recovery certificates required to enable private key archival.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could only verify NumberOfValidKRACerts of RequiredNumberOfValidKRACerts key recovery certificates required to enable private key archival. Requests to archive private keys will not be accepted.

Message #

Active Directory Certificate Services could only verify %1 of %2 key recovery certificates required to enable private key archival.  Requests to archive private keys will not be accepted.

Fields #

NameDescription
NumberOfValidKRACerts UnicodeString
RequiredNumberOfValidKRACerts UnicodeString

Event ID 82: Active Directory Certificate Services could only verify NumberOfValidKRACerts of RequiredNumberOfValidKRACerts key recovery certificates required to enable private key archival

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could only verify of key recovery certificates required to enable private key archival. Requests to archive private keys will not be accepted.

Fields #

NameDescription
NumberOfValidKRACerts UnicodeString
RequiredNumberOfValidKRACerts UnicodeString

Event ID 83: Active Directory Certificate Services encountered an error loading key recovery certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Error

Description

Active Directory Certificate Services encountered an error loading key recovery certificates. Requests to archive private keys will not be accepted. Name.

Message #

Active Directory Certificate Services encountered an error loading key recovery certificates.  Requests to archive private keys will not be accepted.  %1

Fields #

NameDescription
ErrorCode UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 83,
    "version": 0,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T23:15:53.245767+00:00",
    "event_record_id": 4309,
    "correlation": {},
    "execution": {
      "process_id": 3800,
      "thread_id": 11792
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_LOADING_KRA_CERTS",
    "ErrorCode": "The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)"
  },
  "message": ""
}

Event ID 83: Active Directory Certificate Services encountered an error loading key recovery certificates

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services encountered an error loading key recovery certificates. Requests to archive private keys will not be accepted.

Fields #

NameDescription
ErrorCode UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 83,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:15:53.2457675+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)"
  }
}

Event ID 84: Active Directory Certificate Services will not use key recovery certificate KRACertIndex because it could not be verified for use as a Key Recovery Agent.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services will not use key recovery certificate KRACertIndex because it could not be verified for use as a Key Recovery Agent. KRACertSubjectName ErrorCode.

Message #

Active Directory Certificate Services will not use key recovery certificate %1 because it could not be verified for use as a Key Recovery Agent.  %2  %3

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 84: Active Directory Certificate Services will not use key recovery certificate KRACertIndex because it could not be verified for use as a Key Recovery Agent

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services will not use key recovery certificate because it could not be verified for use as a Key Recovery Agent.

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 85: Active Directory Certificate Services ignored key recovery certificate KRACertIndex because it could not be loaded.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services ignored key recovery certificate KRACertIndex because it could not be loaded. KRACertSubjectName ErrorCode.

Message #

Active Directory Certificate Services ignored key recovery certificate %1 because it could not be loaded.  %2  %3

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 85: Active Directory Certificate Services ignored key recovery certificate KRACertIndex because it could not be loaded

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services ignored key recovery certificate because it could not be loaded.

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 86: Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys. ErrorCode.

Message #

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.  %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 86: Active Directory Certificate Services could not use the provider specified in the registry for encryption keys

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 87: Active Directory Certificate Services could not use the default provider for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not use the default provider for encryption keys. ErrorCode.

Message #

Active Directory Certificate Services could not use the default provider for encryption keys.  %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 87: Active Directory Certificate Services could not use the default provider for encryption keys

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not use the default provider for encryption keys.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 88: Active Directory Certificate Services switched to the default provider for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services switched to the default provider for encryption keys. DefaultProviderName.

Message #

Active Directory Certificate Services switched to the default provider for encryption keys. %1

Fields #

NameDescription
DefaultProviderName UnicodeString

Event ID 88: Active Directory Certificate Services switched to the default provider for encryption keys

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services switched to the default provider for encryption keys.

Fields #

NameDescription
DefaultProviderName UnicodeString

Event ID 90: ExceptionLocation: Active Directory Certificate Services detected an exception at address ExceptionAddress.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

ExceptionLocation: Active Directory Certificate Services detected an exception at address ExceptionAddress. Flags = ExceptionFlags. The exception is ErrorCode.

Message #

%1: Active Directory Certificate Services detected an exception at address %2.  Flags = %3.  The exception is %4.

Fields #

NameDescription
ExceptionLocation UnicodeString
ExceptionAddress UnicodeString
ExceptionFlags UnicodeString
ErrorCode UnicodeString

Event ID 90: ExceptionLocation: Active Directory Certificate Services detected an exception at address

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

: Active Directory Certificate Services detected an exception at address . Flags = . The exception is .

Fields #

NameDescription
ExceptionLocation UnicodeString
ExceptionAddress UnicodeString
ExceptionFlags UnicodeString
ErrorCode UnicodeString

Event ID 91: Could not connect to the Active Directory.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.

Message #

Could not connect to the Active Directory.  Active Directory Certificate Services will retry when processing requires Active Directory access.

Event ID 91: Could not connect to the Active Directory

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.

Event ID 92: Active Directory Certificate Services could not update security permissions.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not update security permissions. ErrorCode.

Message #

Active Directory Certificate Services could not update security permissions. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 92: Active Directory Certificate Services could not update security permissions

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not update security permissions.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 93: The certificate (#CACertIdentifier) of Active Directory Certificate Services CACommonName does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Se...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Warning

Description

The certificate (#CACertIdentifier) of Active Directory Certificate Services CACommonName does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container. The directory replication may not be completed.

Message #

The certificate (#%1) of Active Directory Certificate Services %2 does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.  The directory replication may not be completed.

Fields #

NameDescription
CACertIdentifier UnicodeString
CACommonName UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "{6a71d062-9afe-4f35-ad08-52134f85dfb9}",
    "event_source_name": "",
    "event_id": 93,
    "version": 0,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 10:06:23.998896+00:00",
    "event_record_id": 7879,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 8072,
      "thread_id": 8848
    },
    "channel": "Application",
    "computer": "tel2-DC01-2022.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "CACertIdentifier": "1",
    "CACommonName": "ludus-CA"
  },
  "message": ""
}

Event ID 93: The certificate (#CACertIdentifier) of Active Directory Certificate Services CACommonName does not exist in the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the ...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACertIdentifier UnicodeString
CACommonName UnicodeString

Event ID 94: Active Directory Certificate Services CACommonName can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Acti...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services CACommonName can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.

Message #

Active Directory Certificate Services %1 can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 94: Active Directory Certificate Services CACommonName can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services can not open the certificate store at CN=NTAuthCertificates,CN=Public Key Services,CN=Services in the Active Directory's configuration container.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 95: Security permissions are corrupted or missing.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Collection Priority
Recommended (NSA)

Description

Security permissions are corrupted or missing. The Active Directory Certificate Services may need to be reinstalled.

Message #

Security permissions are corrupted or missing.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 95: Security permissions are corrupted or missing

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Collection Priority
Recommended (NSA)

Description

Security permissions are corrupted or missing. The Active Directory Certificate Services may need to be reinstalled.

Event ID 96: Active Directory Certificate Services could not create an encryption certificate.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not create an encryption certificate. Disposition. ErrorCode.

Message #

Active Directory Certificate Services could not create an encryption certificate.  %1.  %2.

Fields #

NameDescription
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 96: Active Directory Certificate Services could not create an encryption certificate

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create an encryption certificate. . .

Fields #

NameDescription
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 97: Active Directory Certificate Services CACommonName will reduce the maximum lifetime of the issued certificate for request RequestId because the CA certificate lifet...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services CACommonName will reduce the maximum lifetime of the issued certificate for request RequestId because the CA certificate lifetime is shorter than the registry validity period. Consider renewing the CA certificate or reducing the registry validity period.

Message #

Active Directory Certificate Services %1 will reduce the maximum lifetime of the issued certificate for request %2 because the CA certificate lifetime is shorter than the registry validity period.  Consider renewing the CA certificate or reducing the registry validity period.

Fields #

NameDescription
CACommonName UnicodeString
RequestId UnicodeString

Event ID 97: Active Directory Certificate Services CACommonName will reduce the maximum lifetime of the issued certificate for request RequestId because the CA certificate lifetime is shorter than the registry ...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString
RequestId UnicodeString

Event ID 98: Active Directory Certificate Services encountered errors validating configured key recovery certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services encountered errors validating configured key recovery certificates. Requests to archive private keys will no longer be accepted.

Message #

Active Directory Certificate Services encountered errors validating configured key recovery certificates.  Requests to archive private keys will no longer be accepted.

Event ID 98: Active Directory Certificate Services encountered errors validating configured key recovery certificates

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services encountered errors validating configured key recovery certificates. Requests to archive private keys will no longer be accepted.

Event ID 99: Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates. Disposition. ErrorCode.

Message #

Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.  %2.  %3.

Fields #

NameDescription
Version UnicodeString
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 99: Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create cross certificate to certify its own root certificates. . .

Fields #

NameDescription
Version UnicodeString
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 100: Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate. CACommonName ErrorCode.

Message #

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.  %1 %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 100: Active Directory Certificate Services did not start: Could not load or verify the current CA certificate

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString

Event ID 101: Active Directory Certificate Services created CA cross certificate Version for CACommonName.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services created CA cross certificate Version for CACommonName.

Message #

Active Directory Certificate Services created CA cross certificate %2 for %1.

Fields #

NameDescription
CACommonName UnicodeString
Version UnicodeString

Event ID 101: Active Directory Certificate Services created CA cross certificate Version for

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services created CA cross certificate for .

Fields #

NameDescription
CACommonName UnicodeString
Version UnicodeString

Event ID 102: Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates. The ExtensionOid extension is inconsistent. Disposition. ErrorCode.

Message #

Active Directory Certificate Services could not create cross certificate %1 to certify its own root certificates.  The %2 extension is inconsistent.  %3.  %4.

Fields #

NameDescription
Version UnicodeString
ExtensionOid UnicodeString
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 102: Active Directory Certificate Services could not create cross certificate Version to certify its own root certificates

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create cross certificate to certify its own root certificates. The extension is inconsistent. . .

Fields #

NameDescription
Version UnicodeString
ExtensionOid UnicodeString
Disposition UnicodeString
ErrorCode UnicodeString

Event ID 103: Active Directory Certificate Services added the root certificate of certificate chain Name to the downloaded Trusted Root Certification Authorities E...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Warning

Description

Active Directory Certificate Services added the root certificate of certificate chain CACertIdentifier to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory, run the following command: certutil -viewstore "LDAPPath" (you must include the quotation marks when you run this command). If the root CA certificate is not present, use the Certificates console on the root CA computer to export the certificate to a file, and then run the following command to publish it to Active Directory: Certutil -dspublish %certificatefilename% Root.

Message #

Active Directory Certificate Services added the root certificate of certificate chain %1 to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory, run the following command: certutil -viewstore "%2" (you must include the quotation marks when you run this command). If the root CA certificate is not present, use the Certificates console on the root CA computer to export the certificate to a file, and then run the following command to publish it to Active Directory: Certutil -dspublish %certificatefilename% Root.

Fields #

NameDescription
CACertIdentifier UnicodeString
LDAPPath UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "6A71D062-9AFE-4F35-AD08-52134F85DFB9",
    "event_source_name": "",
    "event_id": 103,
    "version": 0,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-03-13T20:16:52.134648+00:00",
    "event_record_id": 3702,
    "correlation": {},
    "execution": {
      "process_id": 9432,
      "thread_id": 1156
    },
    "channel": "Application",
    "computer": "LAB-DC01.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "Name": "MSG_E_MISSING_POLICY_ROOT",
    "CACertIdentifier": "0",
    "LDAPPath": "ldap:///CN=EvtGen-Root-CA,CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration,DC=ludus,DC=domain?cACertificate?base?objectClass=certificationAuthority"
  },
  "message": ""
}

Event ID 103: Active Directory Certificate Services added the root certificate of certificate chain CACertIdentifier to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Fields #

NameDescription
CACertIdentifier UnicodeString
LDAPPath UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 103,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:52.1346485+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "LDAPPath": "ldap:///CN=EvtGen-Root-CA,CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration,DC=ludus,DC=domain?cACertificate?base?objectClass=certificationAuthority",
    "CACertIdentifier": "0"
  }
}

Event ID 104: Active Directory Certificate Services published certificate CACertIdentifier to DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application
Level
Informational

Description

Active Directory Certificate Services published certificate CACertIdentifier to DN.

Message #

Active Directory Certificate Services published certificate %1 to %2.

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "guid": "{6a71d062-9afe-4f35-ad08-52134f85dfb9}",
    "event_source_name": "",
    "event_id": 104,
    "version": 0,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "keywords": 9223372036854775808,
    "time_created": "2026-05-09 10:06:24.168850+00:00",
    "event_record_id": 7881,
    "correlation": {
      "ActivityID": "",
      "RelatedActivityID": ""
    },
    "execution": {
      "process_id": 8072,
      "thread_id": 8848
    },
    "channel": "Application",
    "computer": "tel2-DC01-2022.ludus.domain",
    "security": {
      "user_id": "S-1-5-18"
    }
  },
  "event_data": {
    "CACertIdentifier": "1",
    "DN": "CN=ludus-CA,CN=AIA,CN=Public Key Services,CN=Services,CN=Configuration,DC=ludus,DC=domain"
  },
  "message": ""
}

Event ID 104: Active Directory Certificate Services published certificate CACertIdentifier to

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services published certificate to .

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString

Event ID 105: Active Directory Certificate Services deleted invalid certificate CACertIdentifier from DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services deleted invalid certificate CACertIdentifier from DN.

Message #

Active Directory Certificate Services deleted invalid certificate %1 from %2.

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString

Event ID 105: Active Directory Certificate Services deleted invalid certificate CACertIdentifier from

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services deleted invalid certificate from .

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString

Event ID 106: Active Directory Certificate Services cannot add certificate CACertIdentifier to DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services cannot add certificate CACertIdentifier to DN. DSErrorMessage. AdditionalErrorMessage.

Message #

Active Directory Certificate Services cannot add certificate %1 to %2.  %3.  %4.

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString
DSErrorMessage UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 106: Active Directory Certificate Services cannot add certificate CACertIdentifier to

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot add certificate to . . .

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString
DSErrorMessage UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 107: Active Directory Certificate Services cannot delete invalid certificate CACertIdentifier from DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services cannot delete invalid certificate CACertIdentifier from DN. DSErrorMessage. AdditionalErrorMessage.

Message #

Active Directory Certificate Services cannot delete invalid certificate %1 from %2.  %3.  %4.

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString
DSErrorMessage UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 107: Active Directory Certificate Services cannot delete invalid certificate CACertIdentifier from

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot delete invalid certificate from . . .

Fields #

NameDescription
CACertIdentifier UnicodeString
DN UnicodeString
DSErrorMessage UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 108: Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location: DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location: DN. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not delete a Certificate for request %1 from the following location: %2.  %3.%5%6

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 108: Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not delete a Certificate for request from the following location: . .

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
param4 UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 109: Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location on server HostName: DN.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location on server HostName: DN. ErrorMessageText.param5AdditionalErrorMessage.

Message #

Active Directory Certificate Services could not delete a Certificate for request %1 from the following location on server %4: %2.  %3.%5%6

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 109: Active Directory Certificate Services could not delete a Certificate for request RequestId from the following location on server HostName:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not delete a Certificate for request from the following location on server : . .

Fields #

NameDescription
RequestId UnicodeString
DN UnicodeString
ErrorMessageText UnicodeString
HostName UnicodeString
param5 UnicodeString
AdditionalErrorMessage UnicodeString

Event ID 110: Active Directory Certificate Services could not initialize the performance counters.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not initialize the performance counters.

Message #

Active Directory Certificate Services could not initialize the performance counters.

Event ID 110: Active Directory Certificate Services could not initialize the performance counters

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not initialize the performance counters.

Event ID 111: Active Directory Certificate Services upgrade failed because the upgrade path could not be determined.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. ErrorCode.

Message #

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 111: Active Directory Certificate Services upgrade failed because the upgrade path could not be determined

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 112: Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. ErrorCode.

Message #

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 112: Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 113: A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissi...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 113: A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 114: A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 114: A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 115: A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 115: A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 116: A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 116: A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 117: A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 117: A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 118: A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 118: A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 121: A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 121: A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 122: A portion of the Active Directory Certificate Services upgrade failed: Could not update service description.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 122: A portion of the Active Directory Certificate Services upgrade failed: Could not update service description

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 123: A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. ErrorCode.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 123: A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 124: Active Directory Certificate Services upgrade succeeded.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Message #

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Event ID 124: Active Directory Certificate Services upgrade succeeded

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Event ID 125: Active Directory Certificate Services upgrade failed.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. ErrorCode.

Message #

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 125: Active Directory Certificate Services upgrade failed

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 126: Current information about advanced features supported by this Certification Authority is not available from the domain controller.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Current information about advanced features supported by this Certification Authority is not available from the domain controller. Stop and restart Certificate Services in order to update this information. ErrorCode

Message #

Current information about advanced features supported by this Certification Authority is not available from the domain controller. Stop and restart Certificate Services in order to update this information. %1

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 126: Current information about advanced features supported by this Certification Authority is not available from the domain controller

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 127: Key recovery certificate KRACertIndex is about to expire soon and will not be used upon expiration.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Key recovery certificate KRACertIndex is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate. KRACertSubjectName ErrorCode.

Message #

Key recovery certificate %1 is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate.  %2  %3

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 127: Key recovery certificate KRACertIndex is about to expire soon and will not be used upon expiration

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Key recovery certificate is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate.

Fields #

NameDescription
KRACertIndex UnicodeString
KRACertSubjectName UnicodeString
ErrorCode UnicodeString

Event ID 128: An Authority Key Identifier was passed as part of the certificate request RequestId.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

An Authority Key Identifier was passed as part of the certificate request RequestId. This feature has not been enabled. To enable specifying a CA key for certificate signing, run: "certutil -setreg ca\UseDefinedCACertInRequest 1" and then restart the service.

Message #

An Authority Key Identifier was passed as part of the certificate request %1. This feature has not been enabled. To enable specifying a CA key for certificate signing, run: "certutil -setreg ca\UseDefinedCACertInRequest 1" and then restart the service.

Fields #

NameDescription
RequestId UnicodeString

Event ID 128: An Authority Key Identifier was passed as part of the certificate request

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
RequestId UnicodeString

Event ID 129: An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting. To resolve, run: "certutil -getreg ca\EnabledEKUForDefinedCACert" to identify the invalid OID and correct it. The default OID ("1.3.6.1.5.5.7.3.9") will be used.

Message #

An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting. To resolve, run: "certutil -getreg ca\EnabledEKUForDefinedCACert" to identify the invalid OID and correct it. The default OID ("1.3.6.1.5.5.7.3.9") will be used.

Event ID 129: An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Event ID 130: Active Directory Certificate Services could not create a certificate revocation list.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not create a certificate revocation list. ErrorMessageText. This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: "certutil -CRL". If the problem persists, restart Certificate Services.

Message #

Active Directory Certificate Services could not create a certificate revocation list. %1.  This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: "certutil -CRL". If the problem persists, restart Certificate Services.

Fields #

NameDescription
ErrorMessageText UnicodeString

Event ID 130: Active Directory Certificate Services could not create a certificate revocation list

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
ErrorMessageText UnicodeString

Event ID 131: An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting. To resolve, run: "certutil -getreg ca\EKUOIDsForPublishExpiredCertInCRL" to identify the invalid OID and correct it. The default OIDs ("1.3.6.1.5.5.7.3.3" and "1.3.6.1.4.1.311.61.1.1") will be used.

Message #

An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting. To resolve, run: "certutil -getreg ca\EKUOIDsForPublishExpiredCertInCRL" to identify the invalid OID and correct it. The default OIDs ("1.3.6.1.5.5.7.3.3" and "1.3.6.1.4.1.311.61.1.1") will be used.

Event ID 131: An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Event ID 132: The certification authority (CA) was unable to perform a decryption operation.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The certification authority (CA) was unable to perform a decryption operation. This error can occur when an advanced encryption algorithm such as Advanced Encryption Standard (AES) is used and the CA has not been configured to use a CryptoAPI Next Generation (CNG) key storage provider. If this error occurred during certificate enrollment, check the certificate template to ensure that advanced encryption for key archival is not enabled.

Message #

The certification authority (CA) was unable to perform a decryption operation.  This error can occur when an advanced encryption algorithm such as Advanced Encryption Standard (AES) is used and the CA has not been configured to use a CryptoAPI Next Generation (CNG) key storage provider. If this error occurred during certificate enrollment, check the certificate template to ensure that advanced encryption for key archival is not enabled.

Event ID 132: The certification authority (CA) was unable to perform a decryption operation

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Event ID 133: The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL). The CA will not issue any certificates or CRLs that do not contain this extension. To correct this problem, use the Certification Authority snap-in to remove any Unicode characters in the URLs for the AIA, CDP, and IDP extensions, then restart the CA.

Message #

The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL). The CA will not issue any certificates or CRLs that do not contain this extension. To correct this problem, use the Certification Authority snap-in to remove any Unicode characters in the URLs for the AIA, CDP, and IDP extensions, then restart the CA.

Event ID 133: The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL)

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Event ID 134: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired. ErrorCode.

Message #

A certificate in the chain for CA certificate %3 for %1 has expired.  %2.

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 134: A certificate in the chain for CA certificate CACertIdentifier for CACommonName has expired

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate for has expired. .

Fields #

NameDescription
CACommonName UnicodeString
ErrorCode UnicodeString
CACertIdentifier UnicodeString

Event ID 135: Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

Message #

Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

Additional information:
Provider Type: %1
Key Length: %2
Key Algorithm: %3

Fields #

NameDescription
ProvType UnicodeString
KeyLength UnicodeString
AlgorithmName UnicodeString

Event ID 135: Active Directory Certificate Services successfully created dummy key pair required for pre-signing

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully created dummy key pair required for pre-signing.

Fields #

NameDescription
ProvType UnicodeString
KeyLength UnicodeString
AlgorithmName UnicodeString

Event ID 136: Active Directory Certificate Services could not create dummy key pair required for pre-signing.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services could not create dummy key pair required for pre-signing. This will cause requests for pre-signing to fail.

Message #

Active Directory Certificate Services could not create dummy key pair required for pre-signing. This will cause requests for pre-signing to fail.

Additional information:
Error: %1
Provider Type: %2
Key Length: %3
Key Algorithm: %4

Fields #

NameDescription
ErrorCode UnicodeString
ProvType UnicodeString
KeyLength UnicodeString
AlgorithmName UnicodeString

Event ID 136: Active Directory Certificate Services could not create dummy key pair required for pre-signing

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create dummy key pair required for pre-signing. This will cause requests for pre-signing to fail.

Fields #

NameDescription
ErrorCode UnicodeString
ProvType UnicodeString
KeyLength UnicodeString
AlgorithmName UnicodeString

Event ID 138: Active Directory Certificate Services did not start: Unable to initialize OLE Security: ErrorCode.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: Unable to initialize OLE Security: ErrorCode.

Message #

Active Directory Certificate Services did not start: Unable to initialize OLE Security: %1.

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 138: Active Directory Certificate Services did not start: Unable to initialize OLE Security:

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Unable to initialize OLE Security: .

Fields #

NameDescription
ErrorCode UnicodeString

Event ID 139: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Message #

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLMaxPartitions is either not configured or set to an invalid value.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 139: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\CRLMaxPartitions is either not config...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString

Event ID 140: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Message #

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLMaxPartitions should be greater than or equal to the value configured at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLSuspendedPartitions.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 140: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\CRLMaxPartitions should be greater th...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString

Event ID 141: Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

Message #

Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 141: Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: LDAP URLs should not be selected in the CDP extension when CRL partitioning feature is enabled.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 142: Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL par...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL partitioning feature is enabled.

Message #

Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL partitioning feature is enabled.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 142: Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL partitioning feature is enabled

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: <CRLPartitionIndex> MUST be included in the URLs configured for the CDP extension when CRL partitioning feature is enabled.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 143: Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP e...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Description

Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP extension in the issued CRLs.

Message #

Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP extension in the issued CRLs.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 143: Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP extension in the issued CRLs

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: At least one of the URLs configured in the CDP extension MUST be selected to include the IDP extension in the issued CRLs.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 144: Active Directory Certificate Services did not start: The current configuration of the CA does not allow for the support of the CRL partitioning fea...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Message #

Active Directory Certificate Services did not start: The current configuration of the CA does not allow for the support of the CRL partitioning feature. To resolve the issue, revert the configuration changes associated with CRL partitioning.

Event ID 144: Active Directory Certificate Services did not start: The current configuration of the CA does not allow for the support of the CRL partitioning feature

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Event ID 145: The Subject Key Identifier (SKI) computed by the certification authority (CA) differs from the value provided in the request.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Message #

The Subject Key Identifier (SKI) computed by the certification authority (CA) differs from the value provided in the request. For security reasons, the CA will ignore the SKI value specified in the request.

Additional information:
SKI specified in the request: %1
SKI computed by CA: %2

Fields #

NameDescription
SKIRequested UnicodeString
SKIGenerated UnicodeString

Event ID 145: The Subject Key Identifier (SKI) computed by the certification authority (CA) differs from the value provided in the request

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
SKIRequested UnicodeString
SKIGenerated UnicodeString

Event ID 146: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Application

Message #

Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\%1\CRLFlags is set to an invalid value. The bits 0x01000000 and 0x02000000 are mutually exclusive.

Fields #

NameDescription
CACommonName UnicodeString

Event ID 146: Active Directory Certificate Services did not start: The registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CACommonName\CRLFlags is set to an invalid value

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Fields #

NameDescription
CACommonName UnicodeString

Event ID 1113194502: Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

Message #

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

Fields #

NameDescription
RequestId
SubjectName

Event ID 1113194504: Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

Message #

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

Fields #

NameDescription
RequestId
SubjectName

Event ID 1113194521: Active Directory Certificate Services revoked the certificate for request {RequestId} for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services revoked the certificate for request {RequestId} for {SubjectName}.

Message #

Active Directory Certificate Services revoked the certificate for request {RequestId} for {SubjectName}.

Fields #

NameDescription
RequestId
SubjectName

Event ID 1113194522: Active Directory Certificate Services for {CACommonName} was started.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

Active Directory Certificate Services for {CACommonName} was started.{DCSpecifier}{DCName}.

Message #

Active Directory Certificate Services for {CACommonName} was started.{DCSpecifier}{DCName}

Fields #

NameDescription
CACommonName
DCSpecifier
DCName

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 26,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:52.4651741+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "DCName": "JD-DC01-2022.ludus.domain",
    "CACommonName": "EvtGen-Root-CA",
    "DCSpecifier": "  DC="
  }
}

Event ID 1113194525: Active Directory Certificate Services issued a new Certificate Revocation List for {param1}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services issued a new Certificate Revocation List for {param1}.

Message #

Active Directory Certificate Services issued a new Certificate Revocation List for {param1}.

Fields #

NameDescription
param1

Event ID 1113194534: Active Directory Certificate Services for {CACommonName} was stopped.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
4

Description

Active Directory Certificate Services for {CACommonName} was stopped.

Message #

Active Directory Certificate Services for {CACommonName} was stopped.

Fields #

NameDescription
CACommonName

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 38,
    "level": 4,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:05:17.6318277+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "CACommonName": "EvtGen-Root-CA"
  }
}

Event ID 1113194548: Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}. Additional information: {AdditionalInformation}.

Message #

Active Directory Certificate Services issued a certificate for request {RequestId} for {SubjectName}.  Additional information: {AdditionalInformation}

Fields #

NameDescription
RequestId
SubjectName
AdditionalInformation

Event ID 1113194550: Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}. Additional information: {AdditionalInformation}.

Message #

Active Directory Certificate Services left request {RequestId} pending in the queue for {SubjectName}.  Additional information: {AdditionalInformation}

Fields #

NameDescription
RequestId
SubjectName
AdditionalInformation

Event ID 1113194551: Active Directory Certificate Services unrevoked the certificate for request {RequestId} for {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services unrevoked the certificate for request {RequestId} for {SubjectName}.

Message #

Active Directory Certificate Services unrevoked the certificate for request {RequestId} for {SubjectName}.

Fields #

NameDescription
RequestId
SubjectName

Event ID 1113194552: Active Directory Certificate Services denied request {RequestId}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request {RequestId}. The request was for {SubjectName}.

Message #

Active Directory Certificate Services denied request {RequestId}.  The request was for {SubjectName}.

Fields #

NameDescription
RequestId
SubjectName

Event ID 1113194553: Active Directory Certificate Services denied request {RequestId}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request {RequestId}. The request was for {SubjectName}. Additional information: {AdditionalInformation}.

Message #

Active Directory Certificate Services denied request {RequestId}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields #

NameDescription
RequestId
SubjectName
AdditionalInformation

Event ID 1113194564: Active Directory Certificate Services successfully published Base CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base CRL(s).

Message #

Active Directory Certificate Services successfully published Base CRL(s).

Event ID 1113194565: Active Directory Certificate Services successfully published Delta CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Delta CRL(s).

Message #

Active Directory Certificate Services successfully published Delta CRL(s).

Event ID 1113194566: Active Directory Certificate Services successfully published Base and Delta CRL(s).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Message #

Active Directory Certificate Services successfully published Base and Delta CRL(s).

Event ID 1113194567: Active Directory Certificate Services successfully published Base CRL(s) to server {HostName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base CRL(s) to server {HostName}.

Message #

Active Directory Certificate Services successfully published Base CRL(s) to server {HostName}.

Fields #

NameDescription
HostName

Event ID 1113194568: Active Directory Certificate Services successfully published Delta CRL(s) to server {HostName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Delta CRL(s) to server {HostName}.

Message #

Active Directory Certificate Services successfully published Delta CRL(s) to server {HostName}.

Fields #

NameDescription
HostName

Event ID 1113194569: Active Directory Certificate Services successfully published Base and Delta CRL(s) to server {HostName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server {HostName}.

Message #

Active Directory Certificate Services successfully published Base and Delta CRL(s) to server {HostName}.

Fields #

NameDescription
HostName

Event ID 1113194572: The '{PolicyModuleDescription}' Policy Module logged the following information: {InformationMessage}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The '{PolicyModuleDescription}' Policy Module logged the following information: {InformationMessage}.

Message #

The '{PolicyModuleDescription}' Policy Module logged the following information: {InformationMessage}

Fields #

NameDescription
PolicyModuleDescription
InformationMessage

Event ID 1113194597: Active Directory Certificate Services created CA cross certificate {Version} for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services created CA cross certificate {Version} for {CACommonName}.

Message #

Active Directory Certificate Services created CA cross certificate {Version} for {CACommonName}.

Fields #

NameDescription
Version
CACommonName

Event ID 1113194620: Active Directory Certificate Services upgrade succeeded.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Message #

Active Directory Certificate Services upgrade succeeded. Active Directory Certificate Services settings have been upgraded successfully.

Event ID 2186805251: Request failed.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Request failed.

Message #

Request failed.

Event ID 2186936327: Active Directory Certificate Services denied request {RequestId} because {Reason}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services denied request {RequestId} because {Reason}. The request was for {SubjectName}.

Message #

Active Directory Certificate Services denied request {RequestId} because {Reason}.  The request was for {SubjectName}.

Fields #

NameDescription
RequestId
Reason
SubjectName

Event ID 2186936368: Revocation status for a certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because a server is...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Revocation status for a certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because a server is currently unavailable. {ErrorCode}.

Message #

Revocation status for a certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because a server is currently unavailable.  {ErrorCode}.

Fields #

NameDescription
CACertIdentifier
CACommonName
ErrorCode

Event ID 2186936369: A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because no information is available descr...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} could not be verified because no information is available describing how to check the revocation status.  {ErrorCode}.

Fields #

NameDescription
CACertIdentifier
CACommonName
ErrorCode

Event ID 2186936373: Active Directory Certificate Services denied request {RequestId} because {Reason}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Description

Active Directory Certificate Services denied request {RequestId} because {Reason}. The request was for {SubjectName}. Additional information: {AdditionalInformation}.

Message #

Active Directory Certificate Services denied request {RequestId} because {Reason}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields #

NameDescription
RequestId
Reason
SubjectName
AdditionalInformation

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 53,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:58.3883392+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "AdditionalInformation": "Denied by Policy Module  0x80094801, The request does not contain a certificate template extension or the CertificateTemplate request attribute.\n",
    "Reason": "The request contains no certificate template information. 0x80094801 (-2146875391 CERTSRV_E_NO_CERT_TYPE)",
    "SubjectName": "CN=EvtGenTestCert, O=Test, L=Test, S=Test, C=US",
    "RequestId": "2"
  }
}

Event ID 2186936382: Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Message #

Active Directory Certificate Services had problems loading valid CRL publication values and has reset the CRL publication to its default settings.

Event ID 2186936397: The '{PolicyModuleDescription}' Policy Module logged the following warning: {WarningMessage}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Description

The '{PolicyModuleDescription}' Policy Module logged the following warning: {WarningMessage}.

Message #

The '{PolicyModuleDescription}' Policy Module logged the following warning: {WarningMessage}

Fields #

NameDescription
PolicyModuleDescription
WarningMessage

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 77,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:24:03.4811975+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "WarningMessage": "The Active Directory connection to JD-DC01-2022.ludus.domain has been reestablished to JD-DC01-2022.ludus.domain.\n",
    "PolicyModuleDescription": "Windows default"
  }
}

Event ID 2186936399: Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location: {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location: {DN}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
RequestId
DN
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 2186936400: Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location on server {HostName}: {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location on server {HostName}: {DN}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not publish a Certificate for request {RequestId} to the following location on server {HostName}: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
RequestId
HostName
DN
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 2186936406: Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys. {ErrorCode}.

Message #

Active Directory Certificate Services could not use the provider specified in the registry for encryption keys.  {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936408: Active Directory Certificate Services switched to the default provider for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services switched to the default provider for encryption keys. {DefaultProviderName}.

Message #

Active Directory Certificate Services switched to the default provider for encryption keys. {DefaultProviderName}

Fields #

NameDescription
DefaultProviderName

Event ID 2186936413: The certificate (#{CACertIdentifier}) of Active Directory Certificate Services {CACommonName} does not exist in the certificate store at CN=NTAuthC...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

The certificate (#{CACertIdentifier}) of Active Directory Certificate Services {CACommonName} does not exist in the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services in the Active Directory's configuration container.  The directory replication may not be completed.

Fields #

NameDescription
CACertIdentifier
CACommonName

Event ID 2186936414: Active Directory Certificate Services {CACommonName} can not open the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services {CACommonName} can not open the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services in the Active Directory's configuration container.

Message #

Active Directory Certificate Services {CACommonName} can not open the certificate store at CN=NTAuthCertificates;CN=Public Key Services;CN=Services in the Active Directory's configuration container.

Fields #

NameDescription
CACommonName

Event ID 2186936417: Active Directory Certificate Services {CACommonName} will reduce the maximum lifetime of the issued certificate for request {RequestId} because the...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services {CACommonName} will reduce the maximum lifetime of the issued certificate for request {RequestId} because the CA certificate lifetime is shorter than the registry validity period.  Consider renewing the CA certificate or reducing the registry validity period.

Fields #

NameDescription
CACommonName
RequestId

Event ID 2186936423: Active Directory Certificate Services added the root certificate of certificate chain {CACertIdentifier} to the downloaded Trusted Root Certificati...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
3

Message #

Active Directory Certificate Services added the root certificate of certificate chain {CACertIdentifier} to the downloaded Trusted Root Certification Authorities Enterprise store on the CA computer. This store will be updated from the Certification Authorities container in Active Directory the next time Group Policy is applied. To verify that the CA certificate is published correctly in Active Directory; run the following command: certutil -viewstore '{LDAPPath}' (you must include the quotation marks when you run this command). If the root CA certificate is not present; use the Certificates console on the root CA computer to export the certificate to a file; and then run the following command to publish it to Active Directory: Certutil -dspublish %certificatefilename% Root.

Fields #

NameDescription
CACertIdentifier
LDAPPath

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 103,
    "level": 3,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:16:52.1346485+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "LDAPPath": "ldap:///CN=EvtGen-Root-CA,CN=Certification Authorities,CN=Public Key Services,CN=Services,CN=Configuration,DC=ludus,DC=domain?cACertificate?base?objectClass=certificationAuthority",
    "CACertIdentifier": "0"
  }
}

Event ID 2186936424: Active Directory Certificate Services published certificate {CACertIdentifier} to {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services published certificate {CACertIdentifier} to {DN}.

Message #

Active Directory Certificate Services published certificate {CACertIdentifier} to {DN}.

Fields #

NameDescription
CACertIdentifier
DN

Event ID 2186936425: Active Directory Certificate Services deleted invalid certificate {CACertIdentifier} from {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services deleted invalid certificate {CACertIdentifier} from {DN}.

Message #

Active Directory Certificate Services deleted invalid certificate {CACertIdentifier} from {DN}.

Fields #

NameDescription
CACertIdentifier
DN

Event ID 2186936428: Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location: {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location: {DN}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
RequestId
DN
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 2186936429: Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location on server {HostName}: {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services could not delete a Certificate for request {RequestId} from the following location on server {HostName}: {DN}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
RequestId
HostName
DN
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 2186936430: Active Directory Certificate Services could not initialize the performance counters.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not initialize the performance counters.

Message #

Active Directory Certificate Services could not initialize the performance counters.

Event ID 2186936433: A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissi...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create CertEnroll folder and/or shared folder with proper permissions. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936434: A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create virtual roots. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936435: A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update server registry entries. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936436: A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create web configuration file. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936437: A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not create revocation page. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936438: A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not upgrade key containers. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936439: A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv request.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv request. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv request. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936440: A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv admin.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv admin. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not register CertSrv admin. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936441: A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not install new templates. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936442: A portion of the Active Directory Certificate Services upgrade failed: Could not update service description.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update service description. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936443: A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. {ErrorCode}.

Message #

A portion of the Active Directory Certificate Services upgrade failed: Could not update security settings. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 2186936447: Key recovery certificate {KRACertIndex} is about to expire soon and will not be used upon expiration.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Key recovery certificate {KRACertIndex} is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate. {KRACertSubjectName} {ErrorCode}.

Message #

Key recovery certificate {KRACertIndex} is about to expire soon and will not be used upon expiration. Contact your adminstrator to renew this certificate.  {KRACertSubjectName}  {ErrorCode}

Fields #

NameDescription
KRACertIndex
KRACertSubjectName
ErrorCode

Event ID 2186936448: An Authority Key Identifier was passed as part of the certificate request {RequestId}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

An Authority Key Identifier was passed as part of the certificate request {RequestId}. This feature has not been enabled. To enable specifying a CA key for certificate signing; run: 'certutil -setreg ca\UseDefinedCACertInRequest 1' and then restart the service.

Fields #

NameDescription
RequestId

Event ID 2186936449: An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

An invalid OID has been detected in the EnabledEKUForDefinedCACert configuration setting. To resolve; run: 'certutil -getreg ca\EnabledEKUForDefinedCACert' to identify the invalid OID and correct it. The default OID ('1.3.6.1.5.5.7.3.9') will be used.

Event ID 2186936451: An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

An invalid OID has been detected in the EKUOIDsForPublishExpiredCertInCRL configuration setting. To resolve; run: 'certutil -getreg ca\EKUOIDsForPublishExpiredCertInCRL' to identify the invalid OID and correct it. The default OIDs ('1.3.6.1.5.5.7.3.3' and '1.3.6.1.4.1.311.61.1.1') will be used.

Event ID 3260678149: Active Directory Certificate Services could not find required registry information.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not find required registry information. The Active Directory Certificate Services may need to be reinstalled.

Message #

Active Directory Certificate Services could not find required registry information.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 3260678153: The Active Directory Certificate Services did not start: Unable to load an external policy module.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Message #

The Active Directory Certificate Services did not start: Unable to load an external policy module.

Event ID 3260678154: Active Directory Certificate Services were unable to build a new certificate or certificate chain: {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services were unable to build a new certificate or certificate chain: {ErrorCode}.

Message #

Active Directory Certificate Services were unable to build a new certificate or certificate chain: {ErrorCode}.

Fields #

NameDescription
ErrorCode

Event ID 3260678159: Active Directory Certificate Services did not start: Version does not match certif.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Version does not match certif.dll.

Message #

Active Directory Certificate Services did not start: Version does not match certif.dll.

Event ID 3260678160: Active Directory Certificate Services did not start: Unable to initialize OLE: {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Unable to initialize OLE: {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Unable to initialize OLE: {ErrorCode}.

Fields #

NameDescription
ErrorCode

Event ID 3260678161: Active Directory Certificate Services did not start: Unable to initialize the database connection for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services did not start: Unable to initialize the database connection for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Unable to initialize the database connection for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 17,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:06:28.9787899+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "Certificate service has been suspended for a database restore operation. 0x80094006 (-2146877434 CERTSRV_E_SERVER_SUSPENDED)",
    "CACommonName": "EvtGen-Root-CA"
  }
}

Event ID 3260678163: Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentContro...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services did not start: The Subject Name Template string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\SubjectTemplate is invalid.  An example of a valid string is: CommonName OrganizationalUnit Organization Locality State Country

Fields #

NameDescription
CACommonName

Event ID 3260678164: Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\Cu...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services did not start: The Certificate Date Validity Period string in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\ValidityPeriod is invalid.  Valid strings are 'Seconds'; 'Minutes'; 'Hours'; 'Days'; 'Weeks'; 'Months' and 'Years'.

Fields #

NameDescription
CACommonName

Event ID 3260678165: Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}. The request was for {SubjectName}.

Message #

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.

Fields #

NameDescription
RequestId
ErrorCode
SubjectName

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 21,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T20:24:03.9698601+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "The request's current status does not allow this operation. 0x80094003 (-2146877437 CERTSRV_E_BAD_REQUESTSTATUS)",
    "SubjectName": "CN=EvtGen-Root-CA, DC=ludus, DC=domain",
    "RequestId": "1"
  }
}

Event ID 3260678166: Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}. The request was for {SubjectName}. Additional information: {AdditionalInformation}.

Message #

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.  Additional information: {AdditionalInformation}

Fields #

NameDescription
RequestId
ErrorCode
SubjectName
AdditionalInformation

Event ID 3260678167: Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services could not process request {RequestId} due to an error: {ErrorCode}.  The request was for {SubjectName}.  The certificate would contain an encoded length that is potentially incompatible with older enrollment software.  Submit a new request using different length input data for the following field: {Field}

Fields #

NameDescription
RequestId
ErrorCode
SubjectName
Field

Event ID 3260678171: Active Directory Certificate Services did not start: Hierarchical setup is incomplete.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services did not start: Hierarchical setup is incomplete.  Use the request file in {RequestFileName}.req to obtain a certificate for this Certificate Server; and use the Certification Authority administration tool to install the new certificate and complete the installation.

Fields #

NameDescription
RequestFileName

Event ID 3260678172: Active Directory Certificate Services did not start: The Certificate Revocation List Period string is invalid in the registry value HKEY_LOCAL_MACH...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services did not start: The Certificate Revocation List Period string is invalid in the registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\{CACommonName}\CRLPeriod.  Valid strings are 'Seconds'; 'Minutes'; 'Hours'; 'Days'; 'Weeks'; 'Months' and 'Years'.

Fields #

NameDescription
CACommonName

Event ID 3260678177: Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not create the Certificate Server service thread for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678178: Active Directory Certificate Services did not start: Could not initialize RPC for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize RPC for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not initialize RPC for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678179: Active Directory Certificate Services did not start: Could not initialize OLE for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize OLE for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not initialize OLE for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678183: Active Directory Certificate Services did not start: The Certification Authority DCOM class for {CACommonName} could not be registered.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services did not start: The Certification Authority DCOM class for {CACommonName} could not be registered.  {ErrorCode}.  Use the services administration tool to change the Certification Authority logon context.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678184: Active Directory Certificate Services did not start: Could not initialize DCOM class factories for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not initialize DCOM class factories for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678185: Active Directory Certificate Services did not start: Could not initialize DCOM Security Context for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not initialize DCOM Security Context for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not initialize DCOM Security Context for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678186: Could not build a certificate chain for CA certificate {CACertIdentifier} for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Could not build a certificate chain for CA certificate {CACertIdentifier} for {CACommonName}. {ErrorCode}.

Message #

Could not build a certificate chain for CA certificate {CACertIdentifier} for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACertIdentifier
CACommonName
ErrorCode

Event ID 3260678187: The '{PolicyModuleDescription}' Policy Module '{MethodName}' method caused an exception at address {ExceptionAddress}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method caused an exception at address {ExceptionAddress}. The exception code is {ExceptionCode}.

Message #

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method caused an exception at address {ExceptionAddress}.  The exception code is {ExceptionCode}.

Fields #

NameDescription
PolicyModuleDescription
MethodName
ExceptionAddress
ExceptionCode

Event ID 3260678188: The '{PolicyModuleDescription}' Policy Module '{MethodName}' method returned an error.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}. {param4}.

Message #

The '{PolicyModuleDescription}' Policy Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}.  {param4}

Fields #

NameDescription
PolicyModuleDescription
MethodName
ErrorString
ErrorCode
param4

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 44,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T21:48:47.6826498+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "0x8007054b (1355)",
    "MethodName": "Initialize",
    "ErrorString": "The specified domain either does not exist or could not be contacted.",
    "param4": "The Active Directory containing the Certification Authority could not be contacted.\n",
    "PolicyModuleDescription": "Windows default"
  }
}

Event ID 3260678189: The '{ExitModuleDescription}' Exit Module '{MethodName}' method caused an exception at address {ExceptionAddress}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The '{ExitModuleDescription}' Exit Module '{MethodName}' method caused an exception at address {ExceptionAddress}. The exception code is {ExceptionCode}.

Message #

The '{ExitModuleDescription}' Exit Module '{MethodName}' method caused an exception at address {ExceptionAddress}.  The exception code is {ExceptionCode}.

Fields #

NameDescription
ExitModuleDescription
MethodName
ExceptionAddress
ExceptionCode

Event ID 3260678190: The '{ExitModuleDescription}' Exit Module '{MethodName}' method returned an error.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The '{ExitModuleDescription}' Exit Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}. {param4}.

Message #

The '{ExitModuleDescription}' Exit Module '{MethodName}' method returned an error. {ErrorString} The returned status code is {ErrorCode}.  {param4}

Fields #

NameDescription
ExitModuleDescription
MethodName
ErrorString
ErrorCode
param4

Event ID 3260678195: A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has been revoked.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has been revoked. {ErrorCode}.

Message #

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has been revoked.  {ErrorCode}.

Fields #

NameDescription
CACertIdentifier
CACommonName
ErrorCode

Event ID 3260678202: A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has expired.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has expired. {ErrorCode}.

Message #

A certificate in the chain for CA certificate {CACertIdentifier} for {CACommonName} has expired.  {ErrorCode}.

Fields #

NameDescription
CACertIdentifier
CACommonName
ErrorCode

Event ID 3260678203: Active Directory Certificate Services did not start: Could not connect to the Active Directory for {CACommonName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not connect to the Active Directory for {CACommonName}. {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not connect to the Active Directory for {CACommonName}.  {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678204: Active Directory Certificate Services refused to process an extremely long request from {SubjectName}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services refused to process an extremely long request from {SubjectName}. This may indicate a denial-of-service attack. If the request was rejected in error; modify the MaxIncomingMessageSize registry parameter via certutil -setreg CA\MaxIncomingMessageSize <bytes>.Unless verbose logging is enabled; this error will not be logged again for 20 minutes.

Fields #

NameDescription
SubjectName

Event ID 3260678207: Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.

Message #

Active Directory Certificate Services did not start: {CACommonName} {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678208: Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Message #

Active Directory Certificate Services cannot publish enrollment access changes to Active Directory.

Event ID 3260678209: Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location: {URL}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location: {URL}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
CAKeyIdentifier
URL
ErrorMessageText
param5
AdditionalErrorMessage

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 65,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:06:22.1539855+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "URL": "http://crl.ludus.domain/crldist/EvtGen-Root-CA.crl",
    "AdditionalErrorMessage": "",
    "param4": "",
    "ErrorMessageText": "The specified path is invalid. 0x800700a1 (WIN32/HTTP: 161 ERROR_BAD_PATHNAME)",
    "CAKeyIdentifier": "0",
    "param5": ""
  }
}

Event ID 3260678210: Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location: {URL}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location: {URL}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
CAKeyIdentifier
URL
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 3260678211: Active Directory Certificate Services made {NumberOfAttempts} attempts to publish a CRL and will stop publishing attempts until the next CRL is gen...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services made {NumberOfAttempts} attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Message #

Active Directory Certificate Services made {NumberOfAttempts} attempts to publish a CRL and will stop publishing attempts until the next CRL is generated.

Fields #

NameDescription
NumberOfAttempts

Event ID 3260678218: Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}. {ErrorMessageText}.{param5}{AdditionalErrorMessage}.

Message #

Active Directory Certificate Services could not publish a Base CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
CAKeyIdentifier
HostName
URL
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 3260678219: Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services could not publish a Delta CRL for key {CAKeyIdentifier} to the following location on server {HostName}: {URL}.  {ErrorMessageText}.{param5}{AdditionalErrorMessage}

Fields #

NameDescription
CAKeyIdentifier
HostName
URL
ErrorMessageText
param5
AdditionalErrorMessage

Event ID 3260678222: The '{PolicyModuleDescription}' Policy Module logged the following error: {ErrorMessage}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

The '{PolicyModuleDescription}' Policy Module logged the following error: {ErrorMessage}.

Message #

The '{PolicyModuleDescription}' Policy Module logged the following error: {ErrorMessage}

Fields #

NameDescription
PolicyModuleDescription
ErrorMessage

Event ID 3260678225: Active Directory Certificate Services key archival is only supported on Advanced Server.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services key archival is only supported on Advanced Server. {ErrorCode}.

Message #

Active Directory Certificate Services key archival is only supported on Advanced Server.  {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678226: Active Directory Certificate Services could only verify {NumberOfValidKRACerts} of {RequiredNumberOfValidKRACerts} key recovery certificates requir...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services could only verify {NumberOfValidKRACerts} of {RequiredNumberOfValidKRACerts} key recovery certificates required to enable private key archival.  Requests to archive private keys will not be accepted.

Fields #

NameDescription
NumberOfValidKRACerts
RequiredNumberOfValidKRACerts

Event ID 3260678227: Active Directory Certificate Services encountered an error loading key recovery certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational
Level
2

Description

Active Directory Certificate Services encountered an error loading key recovery certificates. Requests to archive private keys will not be accepted. {ErrorCode}.

Message #

Active Directory Certificate Services encountered an error loading key recovery certificates.  Requests to archive private keys will not be accepted.  {ErrorCode}

Fields #

NameDescription
ErrorCode

Example Event #

{
  "system": {
    "provider": "Microsoft-Windows-CertificationAuthority",
    "event_id": 83,
    "level": 2,
    "task": 0,
    "opcode": 0,
    "time_created": "2026-03-13T23:15:53.2457675+00:00",
    "computer": "JD-DC01-2022.ludus.domain",
    "channel": "Application"
  },
  "event_data": {
    "ErrorCode": "The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND)"
  }
}

Event ID 3260678228: Active Directory Certificate Services will not use key recovery certificate {KRACertIndex} because it could not be verified for use as a Key Recove...

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services will not use key recovery certificate {KRACertIndex} because it could not be verified for use as a Key Recovery Agent. {KRACertSubjectName} {ErrorCode}.

Message #

Active Directory Certificate Services will not use key recovery certificate {KRACertIndex} because it could not be verified for use as a Key Recovery Agent.  {KRACertSubjectName}  {ErrorCode}

Fields #

NameDescription
KRACertIndex
KRACertSubjectName
ErrorCode

Event ID 3260678229: Active Directory Certificate Services ignored key recovery certificate {KRACertIndex} because it could not be loaded.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services ignored key recovery certificate {KRACertIndex} because it could not be loaded. {KRACertSubjectName} {ErrorCode}.

Message #

Active Directory Certificate Services ignored key recovery certificate {KRACertIndex} because it could not be loaded.  {KRACertSubjectName}  {ErrorCode}

Fields #

NameDescription
KRACertIndex
KRACertSubjectName
ErrorCode

Event ID 3260678231: Active Directory Certificate Services could not use the default provider for encryption keys.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not use the default provider for encryption keys. {ErrorCode}.

Message #

Active Directory Certificate Services could not use the default provider for encryption keys.  {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678234: {ExceptionLocation}: Active Directory Certificate Services detected an exception at address {ExceptionAddress}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

{ExceptionLocation}: Active Directory Certificate Services detected an exception at address {ExceptionAddress}. Flags = {ExceptionFlags}. The exception is {ErrorCode}.

Message #

{ExceptionLocation}: Active Directory Certificate Services detected an exception at address {ExceptionAddress}.  Flags = {ExceptionFlags}.  The exception is {ErrorCode}.

Fields #

NameDescription
ExceptionLocation
ExceptionAddress
ExceptionFlags
ErrorCode

Event ID 3260678235: Could not connect to the Active Directory.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Could not connect to the Active Directory. Active Directory Certificate Services will retry when processing requires Active Directory access.

Message #

Could not connect to the Active Directory.  Active Directory Certificate Services will retry when processing requires Active Directory access.

Event ID 3260678236: Active Directory Certificate Services could not update security permissions.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not update security permissions. {ErrorCode}.

Message #

Active Directory Certificate Services could not update security permissions. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678239: Security permissions are corrupted or missing.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Security permissions are corrupted or missing. The Active Directory Certificate Services may need to be reinstalled.

Message #

Security permissions are corrupted or missing.  The Active Directory Certificate Services may need to be reinstalled.

Event ID 3260678240: Active Directory Certificate Services could not create an encryption certificate.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create an encryption certificate. {Disposition}. {ErrorCode}.

Message #

Active Directory Certificate Services could not create an encryption certificate.  {Disposition}.  {ErrorCode}.

Fields #

NameDescription
Disposition
ErrorCode

Event ID 3260678242: Active Directory Certificate Services encountered errors validating configured key recovery certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services encountered errors validating configured key recovery certificates. Requests to archive private keys will no longer be accepted.

Message #

Active Directory Certificate Services encountered errors validating configured key recovery certificates.  Requests to archive private keys will no longer be accepted.

Event ID 3260678243: Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates. {Disposition}. {ErrorCode}.

Message #

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.  {Disposition}.  {ErrorCode}.

Fields #

NameDescription
Version
Disposition
ErrorCode

Event ID 3260678244: Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate. {CACommonName} {ErrorCode}.

Message #

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate.  {CACommonName} {ErrorCode}.

Fields #

NameDescription
CACommonName
ErrorCode

Event ID 3260678246: Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates. The {ExtensionOid} extension is inconsistent. {Disposition}. {ErrorCode}.

Message #

Active Directory Certificate Services could not create cross certificate {Version} to certify its own root certificates.  The {ExtensionOid} extension is inconsistent.  {Disposition}.  {ErrorCode}.

Fields #

NameDescription
Version
ExtensionOid
Disposition
ErrorCode

Event ID 3260678250: Active Directory Certificate Services cannot add certificate {CACertIdentifier} to {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot add certificate {CACertIdentifier} to {DN}. {DSErrorMessage}. {AdditionalErrorMessage}.

Message #

Active Directory Certificate Services cannot add certificate {CACertIdentifier} to {DN}.  {DSErrorMessage}.  {AdditionalErrorMessage}.

Fields #

NameDescription
CACertIdentifier
DN
DSErrorMessage
AdditionalErrorMessage

Event ID 3260678251: Active Directory Certificate Services cannot delete invalid certificate {CACertIdentifier} from {DN}.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services cannot delete invalid certificate {CACertIdentifier} from {DN}. {DSErrorMessage}. {AdditionalErrorMessage}.

Message #

Active Directory Certificate Services cannot delete invalid certificate {CACertIdentifier} from {DN}.  {DSErrorMessage}.  {AdditionalErrorMessage}.

Fields #

NameDescription
CACertIdentifier
DN
DSErrorMessage
AdditionalErrorMessage

Event ID 3260678255: Active Directory Certificate Services upgrade failed because the upgrade path could not be determined.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. {ErrorCode}.

Message #

Active Directory Certificate Services upgrade failed because the upgrade path could not be determined. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678256: Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. {ErrorCode}.

Message #

Active Directory Certificate Services upgrade failed because information required for the upgrade was unavailable. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678269: Active Directory Certificate Services upgrade failed.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Description

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. {ErrorCode}.

Message #

Active Directory Certificate Services upgrade failed. Active Directory Certificate Services settings have not been upgraded. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678270: Current information about advanced features supported by this Certification Authority is not available from the domain controller.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Current information about advanced features supported by this Certification Authority is not available from the domain controller. Stop and restart Certificate Services in order to update this information. {ErrorCode}

Fields #

NameDescription
ErrorCode

Event ID 3260678274: Active Directory Certificate Services could not create a certificate revocation list.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

Active Directory Certificate Services could not create a certificate revocation list. {ErrorMessageText}.  This may cause applications that need to check the revocation status of certificates issued by this CA to fail. You can recreate the certificate revocation list manually by running the following command: 'certutil -CRL'. If the problem persists; restart Certificate Services.

Fields #

NameDescription
ErrorMessageText

Event ID 3260678276: The certification authority (CA) was unable to perform a decryption operation.

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

The certification authority (CA) was unable to perform a decryption operation.  This error can occur when an advanced encryption algorithm such as Advanced Encryption Standard (AES) is used and the CA has not been configured to use a CryptoAPI Next Generation (CNG) key storage provider. If this error occurred during certificate enrollment; check the certificate template to ensure that advanced encryption for key archival is not enabled.

Event ID 3260678277: The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL).

#
Provider
Microsoft-Windows-CertificationAuthority
Channel
Operational

Message #

The certification authority (CA) failed to encode a server extension required to validate a certificate or certification revocation list (CRL). The CA will not issue any certificates or CRLs that do not contain this extension. To correct this problem; use the Certification Authority snap-in to remove any Unicode characters in the URLs for the AIA; CDP; and IDP extensions; then restart the CA.

Provenance

Where this provider's schema came from, and which Windows build it was observed on. Windows can change a provider's event schema between builds, so use this to judge whether it matches the build you collect from.

ETW provider GUID 6a71d062-9afe-4f35-ad08-52134f85dfb9

Defined in certsrv.exe, which carries the event manifest.

Observed on:

  • WS2022-20348.4893 · schema read from the registered manifest · binary version 10.0.20348.4767 · captured 2026-06-02

Downloads

Credits

  • Microsoft - authored the ETW manifests and PDBs the schema comes from
  • jdu2600 - the event-schema TSV format this catalog adopted
  • nasbench - the tool that dumps registered providers and manifests