Key recovery agent certificate invalid Error

Posted on 2016-10-13
Medium Priority
Last Modified: 2016-10-19
I am working with an Aruba vendor to have a dual authentication Clinical Wi-Fi setup for our organization. To my surprise, I'm assuming a 3rd party contractor, setup CA in our Active Directory already. However, what I need it to do is archive keys so that it can work properly with what we're trying to do.
The issue I am having though is that when I right click on my Certification Authority > Properties > Recovery Agents > Archive the key > I get 3 options and all 3 give me an 'Invalid' Status and I'm unsure as to why and how to exactly jump in and fix that since the expiration dates are still good.
If I need to create a new Key Recovery Certificate to get this to work, I'd be open for that too.

Apologize if I'm missing any information, please ask for further details if needed.
Question by:Joe Lowe
  • 3
LVL 22

Expert Comment

by:Jakob Digranes
ID: 41843075
the certificates you're trying to archive are Key Recovery of type? valid dates?

Author Comment

by:Joe Lowe
ID: 41843838
How do I verify to be sure that they are Key Recovery types?  And the dates are valid, expiration date was 3/29/2017.
I have attached the window I am having an issue with.

Accepted Solution

Joe Lowe earned 0 total points
ID: 41844434
Looks like I was able to the solve the issue just by creating a new Key Recovery Cert through:

Author Closing Comment

by:Joe Lowe
ID: 41849733
This worked for our organization.

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Scripts are great for performing batch jobs against users, however sometimes the GUI is all you need.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question