Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 100 Source: CertSvc
Certificate Services did not start: Could not load or verify the current CA certificate. Enterprise-Sub The revocation function was unable to check revocation because the revocation server was offline.
|English: Request a translation of the event description in plain English.|
|Concepts to understand:|
What is a Certificate Authority?
What is the role of Certificate Service?
Peter Van Gils
If your root CA is intentionally put offline, run this command on the subordinate CA:
certutil –setreg ca\CRLFlags +CRLF_REVCHECK_IGNORE_OFFLINE
T774550 advises the following troubleshooting steps:
1. Load and confirm a valid CA certificate and chain
2. Confirm that a valid CA certificate exists on the computer hosting the CA
3. Confirm that a valid CA certificate exists in the AIA container
4. Validate the CA certificate chain
5. Check and publish CRLs
See the article for full details.
If you are running a Windows Server 2008-based computer that has a third-party key storage provider (KSP) installed, when the Active Directory Certificate Services service starts, it tests the private key by signing a random SHA1 hash. If the KSP that is used for the private key does not allow for SHA1 hash signing (The KSP may be configured to disallow SHA1 hash signing or may not support it), the Active Directory Certificate Services service does not start and this event occurs. See ME952722 for a hotfix applicable to Windows Server 2008.
When you restart your computer after you upgrade to Windows 2000 Service Pack 4 (SP4), the Certificate Services service (CertSvc) does not start.See ME825061 to fix the problem.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (1) - More links...|
|Custom search for *****: Google - Bing - Microsoft - Yahoo|
Send comments or solutions
- Notify me when updated