"No Certificate Templates Could Be Found" error message when a user requests certificate from CA Web enrollment pages

Posted on 2011-05-11
Last Modified: 2012-05-11
I am trying to renew my LCS certificate because it expires tomorrow morning.I have been trying to follow the information in this link.

I was following section four which is titled "4. If the customer has a 2003 Enterprise Edition, Enterprise CA." When I go to http://server/certsrv, I get the error "no certificate templates could be found you do not have permission to request a certificate from this ca or an error occurred while accessing the active directory" so I am unable to request the new certificate.

I also tried following step three titled "3. If the customer has a 2003 Standard Edition, Enterprise CA" and I was able to create the certificate and install it. However instead of being good for a year, the new certificate expires tomorrow morning just like the current one that is being used. Not sure why that happened.

I was trying to follow directions at this link.

However, I don't understand this part of it.

View the Active Directory dNSHostName attribute on the pkiEnrollmentService object. This object is in the following location:
CN=CertificateServer,CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=MyDomain,DC=com

I opened ASDIedit but I am unable to find the place for the dNSHostName attribute.


Question by:JustinGSEIWI

    Author Comment

    I was reading a Microsoft article and it said "A CA cannot issue a certificate with a longer validity period than its own CA certificate." I think this is the reason the new certificate I created will expire tomorrow. Looking at the CA list of issued certificates, all the certificates expire tomorrow. So I think what needs to be done is that some sort of main certificate needs to be renewed. I am not sure if this will occur automatically or if I need to do something.

    Accepted Solution

    I found what I needed in the two links below. First I needed to renew my CA and then I could renew my certificate for communications server.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Email signature management is something that is often overlooked in many organizations or is simply not implemented effectively. Let's take a look at what methods are available for managing this important piece of corporate branding.
    Synchronize a new Active Directory domain with an existing Office 365 tenant
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now