I'm trying to generate a cert for BES 5 from a 2008 DC that is also acting as our cert authority. After generating a CSR for BES, I try to get a cert issued from the CA using the 'web server' template, and it is refused. The CA actually refuses the cert for all templates. This is the error from the event log, which is pretty much the same thing I see in the CA under Failed Requests.
Log Name: Application
Source: Microsoft-Windows-CertificationAuthority
Date: 8/13/2010 6:57:00 PM
Event ID 53
Task Category: None
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: DC/CA.corp.company.com
Description:
Active Directory Certificate Services denied request 53 because The certificate is not valid for the requested usage. 0x800b0110 (-2146762480). The request was for CN=server.corp.company.com, OU=IT, O=COMPANY NAME, L=New York, S=NY, C=US. Additional information: Denied by Policy Module.
I can't find anything online, and I don't know enough about Windows CA's to know what to look for from this point.
Log Name: Application
Source: Microsoft-Windows-CertificationAuthority
Date: 8/13/2010 6:57:00 PM
Event ID 53
Task Category: None
Level: Warning
Keywords: Classic
User: SYSTEM
Computer: DC/CA.corp.company.com
Description:
Active Directory Certificate Services denied request 53 because The certificate is not valid for the requested usage. 0x800b0110 (-2146762480). The request was for CN=server.corp.company.com, OU=IT, O=COMPANY NAME, L=New York, S=NY, C=US. Additional information: Denied by Policy Module.
I can't find anything online, and I don't know enough about Windows CA's to know what to look for from this point.
Last edited: