Error when enrolling ACS CryptoMate64 for Smartcard Logon

-

i configuring windows 2008 r@ ca domain users can use usb tokens (acs cryptomate64  ) logon domain.

when try "enroll on behalf of.." administrator personal container certificates, error  "the signature of certificate cannot verified. 0x80096004 (-2146869244)"  when enrolling smart card logon

i have installed midleware associated acs cryptomate64 - http://acs.com.hk/en/products/18/cryptomate64-usb-cryptographic-tokens/

below event id

log name:      application
source:        microsoft-windows-certificateservicesclient-certenroll
date:          4/29/2014 8:58:00 am
event id:      13
task category: none
level:         error
keywords:      classic
user:          mydomain\administrator
computer:      myserver.mydomain.com
description:
certificate enrollment mydomain\administrator failed enroll smartcardlogon certificate request id 20 myserver.mydomain.com\mydomain-myserver-ca (the signature of certificate cannot verified. 0x80096004 (-2146869244)).
event xml:
<event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <system>
    <provider name="microsoft-windows-certificateservicesclient-certenroll" guid="{54164045-7c50-4905-963f-e5bc1eef0cca}" eventsourcename="certenroll" />
    <eventid qualifiers="49754">13</eventid>
    <version>0</version>
    <level>2</level>
    <task>0</task>
    <opcode>0</opcode>
    <keywords>0x80000000000000</keywords>
    <timecreated systemtime="2014-04-29t15:58:00.000000000z" />
    <eventrecordid>683</eventrecordid>
    <correlation />
    <execution processid="0" threadid="0" />
    <channel>application</channel>
    <computer>myserver.mydomain.com</computer>
    <security userid="s-1-5-21-656473300-829514176-3621705015-500" />
  </system>
  <eventdata>
    <data name="context">mydomain\administrator</data>
    <data name="templatename">smartcardlogon</data>
    <data name="requestid">myserver.mydomain.com\mydomain-myserver-ca</data>
    <data name="ca">20</data>
    <data name="errorcode">the signature of certificate cannot verified. 0x80096004 (-2146869244)</data>
  </eventdata>
</event>

kindly assist.



on tue, 29 apr 2014 07:30:56 +0000, willimwangi wrote:

when try "enroll on behalf of.." administrator personal container certificates, error  "the signature of certificate cannot verified. 0x80096004 (-2146869244)"  when enrolling smart card logon

what signature key length on ca?

paul adare - fim cm mvp
"i thought banging luser heads on rocks how originally
got zeroes." -- steve vandevender



Windows Server  >  Security



Comments

Post a Comment

Popular posts from this blog

Group Policy Event ID 1058 Error Code 1326 (The user name or password is incorrect)

-
i seeing odd error on 1 of our domain controllers. have dealt event id 1058 errors whereby policy (or policies) not replicating, receiving error along error code 1326 on server, , apparently happening default domain policy: log name:      system source:        microsoft-windows-grouppolicy date:          8/10/2015 3:09:54 pm event id:      1058 task category: none level:         error keywords:      user:          s-1-5-21-1484152634-2550175353-3916092219-3287 computer:      <dc name>.<domainname> description: processing of group policy failed. windows attempted read file http://schemas.microsoft.com/win/2004/08/events/event ">   <system>     <provi...
Read more

Suspicious event log Event ID: 4905

-
hi thr, could please me understand causing such event logs generate ? as  i understand, vssvc.exe pertains volume shadow copy used backup purpose.  we have third party application used taking backup of servers. the event longs generated following messages: 1) attempt made unregister security event source. 2) attempt made register security event source. these events not regular generated on random days. standard fields: date:               2013/10/19 time:               02:32:19 importance:         critical rule name:          security event monitored machine:  <domain controller> log format:         windows log name:           security event id:           4905 in work hours:      yes dynamic fields: internal timestamp: 2013/10/19 ...
Read more

DCOM received error "2147746132" from...

-
hi everybody, i have dc (my windows essentials 2012 server) , windows 2012 server in network.  the windows server 2012 inside domain. on server, got "non stopping" error says in event logs : ===> dcom received error "2147746132" fromd computer xxxx(my dc computer) while server trying activation : {6df8cb71-153b-4c66-8fc4-e59301b8011b} it never stops, got 11000+ new events :s i found : http://support.microsoft.com/kb/971153/fr i'm not sure should ? does got idea ? matthieu. hi, please try solution mentioned in below link: http://www.eventid.net/display-eventid-10006-source-dcom-eventno-272-phase-1.htm regards, cicely Windows Server  >  Windows Server 2012 General ...
Read more