• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 317
  • Last Modified:

certificate error on domain contoller

I have a domain controller who acts as a "Microsoft Active Directory Certificate Services  --  saturn"---CA server.

when I open this page, it always shows the certificate error as showed in the attachment. Could I fix this error?

this is windows server 2008. thanks.
Jason Yu
Jason Yu
  • 3
  • 2
3 Solutions
The windows server Saturn requires a new certificate.  Depending on how your organisation currently provides certificates to your server will depend on how you go about fixing it.

The server itself needs a new certificate as the current certificate has expired.

It is possible to create your own certificates but then you need to set up a suitable internal trust authority to manage certificate disbursement.  You don't want just anybody able to authorise certificates pretending to be your servers.

Generally a certificate for an organisation is obtained from some company like Verisign.
Jason YuAuthor Commented:
Do you mean I need create a user certificate for this server? Or create a root certificate for this server?

After I create this certificate and install it on this server, do I need update all other servers' root certificate because other servers are using the user certificates provided by this server, please advise.

thank you.
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

You need to create a server certificate, not a user certificate.

The certificate that is out of date is the certificate that identifies the server, and is how it encodes/decodes it's SSL connections.

Whoever currently creates your root certificates can remain the same.

The machines that access the server do not require change as they are a client and they request the certificate from the server automatically.  As long as the root certificate for the server is trusted on each of the client machines there will not be any issue.
Jason YuAuthor Commented:
when I was following the link you posted here, I got a different screen as in the attachment, it's different than the one show inside the link.
Jason YuAuthor Commented:
When I was creating the server certificate, I get a different screen, it's different than the one showed on the article.

It only has Saved Request:

Base-64-encoded certificate request:....

It doesn't have a place to input key options.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now