Re: Certificate Services

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 08/10/04 

Date: Tue, 10 Aug 2004 13:13:18 +0200

Hi Jon,

do you have two or more tire CA server setup?

It looks to me that CA service that you are trying to start is having
problem finding CRL list from one of it's parent CA servers. Check that all
CRL lists are available, valid and accessible from CA that you are trying to
start. Check that your server trusts all parent CAs.

I hope this helps,

Mike

"Jon" <anonymous@discussions.microsoft.com> wrote in message
news:33f501c47eb3$5bc2df00$a401280a@phx.gbl...
> Hi.
>
> I get an error message from the Certsvc when I try to
> start it:
>
> "The revocation function was unable to check revocation
> because the revocation server was offline."
>
> And I get these in eventlog:
>
> ---
> Event Type: Error
> Event Source: CertSvc
> Event Category: None
> Event ID: 100
> Date: 2004-08-10
> Time: 10:11:54
> User: N/A
> Computer: EDUSRV01
> Description:
> Certificate Services did not start: Could not load or
> verify the current CA certificate. EDU Issuing CA 1 The
> revocation function was unable to check revocation
> because the revocation server was offline. 0x80092013 (-
> 2146885613).
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> ---
>
> Event Type: Warning
> Event Source: CertSvc
> Event Category: None
> Event ID: 48
> Date: 2004-08-10
> Time: 10:11:54
> User: N/A
> Computer: EDUSRV01
> Description:
> Revocation status for a certificate in the chain for CA
> certificate 0 for EDU Issuing CA 1 could not be verified
> because a server is currently unavailable. The
> revocation function was unable to check revocation
> because the revocation server was offline. 0x80092013 (-
> 2146885613).
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> ---
>
> Event Type: Error
> Event Source: Service Control Manager
> Event Category: None
> Event ID: 7024
> Date: 2004-08-10
> Time: 10:11:55
> User: N/A
> Computer: EDUSRV01
> Description:
> The Certificate Services service terminated with service-
> specific error 2148081683 (0x80092013).
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
> ---
>
> I found an KB that apply to 2000 server with SP4 but
> nothing on Server 2003.
>
> How can I get the Certificate server to function
> propperly?

Relevant Pages

  • Remoting through Authenticating Proxy using SSL
    ... certificate is invalid according to the validation procedure. ... function was unable to check revocation for the certificate. ... function was unable to check revocation because the revocation server was ... The network trace also shows that the proxy authentication negotiation is ...
    (microsoft.public.dotnet.distributed_apps)
  • CA Troubles
    ... I am in the process of setting up a two-tier implentation of Certificate ... Services in a Windows 2003 Server environment (Offline Root and Online ... The revocation function was unable to check revocation ...
    (microsoft.public.windows.server.security)
  • Re: eap-tls and peap-tls
    ... Certificate revocation is NOT designed as a user control mechanism, ... We have all the authentication working perfectly using> eap-tls, we're now testing the certificate revocation for the opps> people. ... Should the IAS server check for> revocation list as set on the CA schedule? ...
    (microsoft.public.internet.radius)
  • Re: Certificate Services
    ... The problem occurs on the Issuing CA (Enterprise Sub- ... Whitch one is the "Revocation Server"? ... >> Revocation status for a certificate in the chain for CA ...
    (microsoft.public.windows.server.networking)
  • Certificate Services
    ... "The revocation function was unable to check revocation ... because the revocation server was offline." ... verify the current CA certificate. ...
    (microsoft.public.windows.server.networking)