robertsgroup33
asked on
Certificate service will not stay started for Windows 2003 Server
I have a Windows 2003 server that is running Certificate services. I recently renewed the certificate. The CertSvc will not stay started. I can start the service without an error but when I refresh the page the service is stopped again. I receive the following logs:
Event Type: Error
Event Source: CertSvc
Event Category: None
Event ID: 58
Date: 10/23/2008
Time: 10:04:03 AM
User: N/A
Computer: EXCHANGE01
Description:
A certificate in the chain for CA certificate 0 for has expired. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: CertSvc
Event Category: None
Event ID: 100
Date: 10/23/2008
Time: 10:04:03 AM
User: N/A
Computer: EXCHANGE01
Description:
Certificate Services did not start: Could not load or verify the current CA certificate. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7024
Date: 10/23/2008
Time: 10:06:28 AM
User: N/A
Computer: EXCHANGE01
Description:
The Certificate Services service terminated with service-specific error 2148204801 (0x800B0101).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Any help would be appreciated.
Event Type: Error
Event Source: CertSvc
Event Category: None
Event ID: 58
Date: 10/23/2008
Time: 10:04:03 AM
User: N/A
Computer: EXCHANGE01
Description:
A certificate in the chain for CA certificate 0 for has expired. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: CertSvc
Event Category: None
Event ID: 100
Date: 10/23/2008
Time: 10:04:03 AM
User: N/A
Computer: EXCHANGE01
Description:
Certificate Services did not start: Could not load or verify the current CA certificate. A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7024
Date: 10/23/2008
Time: 10:06:28 AM
User: N/A
Computer: EXCHANGE01
Description:
The Certificate Services service terminated with service-specific error 2148204801 (0x800B0101).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Any help would be appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you check the CA's root signing certificate? (and all the other certificates up the signing chain?)
Try to identify by modifying the following error details with yours:
C:\>certutil -error 2148204801 0x800b0101 (-2146762495) -- 2148204801 (-2146762495)
Try to identify by modifying the following error details with yours:
C:\>certutil -error 2148204801 0x800b0101 (-2146762495) -- 2148204801 (-2146762495)
ASKER
This is what I get.
C:\>certutil -error 2148204801
0x800b0101 (-2146762495) -- 2148204801 (-2146762495)
Error message text: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file
.
CertUtil: -error command completed successfully.
C:\>certutil -error 2148204801
0x800b0101 (-2146762495) -- 2148204801 (-2146762495)
Error message text: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file
.
CertUtil: -error command completed successfully.
It makes sure, one or more certificate has been expired. You may find that now. and need to replace same.
ASKER
I have renewed all certs.
ASKER
I renewed the cert again in the CA snap in and it looks like its working now.
ASKER