Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

old MSCEP RA certificates are being used by ndes service

Posted on 2013-05-22
3
Medium Priority
?
1,345 Views
Last Modified: 2013-08-11
Hello,

our Root CA certificate has been renewed so we also needed to renew our MSCEP-RA certificates on the Windows 2008 R2 server where the NDES servides is located. We gave the ndes service account full rights on the private keys of the new certificates. But the ndes service keeps on requesting certificates from our Root CA using the old (now expired) RA certificates.
How do we make the service use the renewed ones?

Best Regards,
Andreas
0
Comment
Question by:braunmiller
  • 2
3 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 39223748
Did you renew certs for both Exchange Enrollment Agent (Offline Request) and the CEP Encryption templates (or a custom template based from them) or just one of them?

When you are looking at the Certificates MMC snap-in, the focus in on Computer account, not User account, correct?  (do not use certmgr.msc for this)

You technically should just need Read access for the service account, but I understand going for full for troubleshooting purposes.

Restart IIS if you haven't.  You also might consider rebooting the OS if you haven't.

Does anything interesting show up in the system or application event logs?
0
 

Accepted Solution

by:
braunmiller earned 0 total points
ID: 39386690
Reinstalling the NDES service solved the problem.
0
 

Author Closing Comment

by:braunmiller
ID: 39399516
We solved the problem by a reinstall of the ndes service.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question