Solved

Key recovery agent certificate invalid Error

Posted on 2016-10-13
4
20 Views
Last Modified: 2016-10-19
I am working with an Aruba vendor to have a dual authentication Clinical Wi-Fi setup for our organization. To my surprise, I'm assuming a 3rd party contractor, setup CA in our Active Directory already. However, what I need it to do is archive keys so that it can work properly with what we're trying to do.
The issue I am having though is that when I right click on my Certification Authority > Properties > Recovery Agents > Archive the key > I get 3 options and all 3 give me an 'Invalid' Status and I'm unsure as to why and how to exactly jump in and fix that since the expiration dates are still good.
If I need to create a new Key Recovery Certificate to get this to work, I'd be open for that too.

Apologize if I'm missing any information, please ask for further details if needed.
0
Comment
Question by:Joe Lowe
  • 3
4 Comments
 
LVL 21

Expert Comment

by:Jakob Digranes
ID: 41843075
the certificates you're trying to archive are Key Recovery of type? valid dates?
0
 

Author Comment

by:Joe Lowe
ID: 41843838
How do I verify to be sure that they are Key Recovery types?  And the dates are valid, expiration date was 3/29/2017.
I have attached the window I am having an issue with.
CAError.docx
0
 

Accepted Solution

by:
Joe Lowe earned 0 total points
ID: 41844434
Looks like I was able to the solve the issue just by creating a new Key Recovery Cert through:
https://www.youtube.com/watch?v=K-6zgcGbZ3U
0
 

Author Closing Comment

by:Joe Lowe
ID: 41849733
This worked for our organization.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question