Windows – Certificate Enrollment Fails
KB ID 0000921 Problem I first saw this problem a few years ago trying to get some Windows clients to auto enrol with server 2008, then this week my colleagues could not get new 2019 Domain Controller to enrol for a Kerberos certificate, and the this was caused by the same problem. Symtoms (RPC Error) 1. Test to make sure the client can see the CA, and is able to communicate with it, issue the following command; certutil -pulse As...
Certificate Services Error – ‘The Email name is unavailable and cannot be added to the Subject or Subject Alternate name’
KB ID 0001029 Problem Server: Windows Server 2012 R2 Client: Windows 8 Enterprise I was setting auto-enrollment this morning, and the computer certificates were getting issued but not the user ones. The policies were correct, the registry keys on the clients were correct, even RSOP told me the users ‘should’ be getting certificates. However nothing was working so I decided to ‘manually enroll’ and this...
Deploying Certificates via ‘Auto Enrollment’
KB ID 0000919 Problem SHA CERTIFICATE WARNING: Note This article was written some time ago, ensure your CA environment does NOT use SHA1 for your certificates, if it does, Please visit the following link for migration instructions; Upgrade Your Microsoft PKI Environment to SHA2 (SHA256) I need to setup wireless authentication based on computer certificates, I’ve done similar jobs before by manually issuing certificates for Cisco...