KB ID 0001033
Problem
Seen in the application log of a Windows Certificate Services server (Server 2012 R2)
Log Name: Application Source: Microsoft-Windows-CertificationAuthority Date: 07/02/2015 15:55:26 Event ID: 128 Task Category: None Level: Warning Keywords: User: SYSTEM Computer: PNLPKI00v.petenetlive.com Description: An Authority Key Identifier was passed as part of the certificate request 29. This feature has not been enabled. To enable specifying a CA key for certificate signing, run: "certutil -setreg caUseDefinedCACertInRequest 1" and then restart the service.
Solution
The event is pretty much telling you exactly what to do to fix it! Open an elevated command prompt and enter the following commands;
certutil -setreg caUseDefinedCACertInRequest 1 net stop CertSvc net start CertSvc
Or you can simply open the registry editor and navigate to;
HKLM > SYSTEM > CurrentControlSet > Services > CertSvc > Configuration > {your-server-name}
Change UserDefinedCACertInRequest and change its value to 1 (one). then restart the certificate services service.
Related Articles, References, Credits, or External Links
NA