• Status: Open
  • Priority: Medium
  • Security: Public
  • Views: 38
  • Last Modified:

Server 2012 SSL Certificate import fails with the file exists 0x80070050

Hit yet another 'overhead' in the ongoing saga of trying to get RDweb going on a 2012 R2

So, now I'm battling with certificates again, I had my 3rd Party SSL installed, but my certificate was installed in (LOCAL) not certserv.msc, so I have installed a bunch of components for AD CS:

CA Web Enrollment
CE Web Service
CE Policy Web Service

So, trying to configure AD CS Configuration, chose Enterprise CA, Subordinate, now at the window with "Create new private key or Use Existing PK", I chose "Existing"..

"Select a certificate and use its associated Private Key" - allows me to import but then drops an error


"Select an existing Private Key on this computer" - doesn't show me my certificate.

"Active Directory Certificate Services setup failed with the following error: the file exists 0x80070050 win32 80 ERROR_FILE_EXISTS"

tried this powershell command, and it failed..
certutil -setreg config\setupstatus -SETUP_CLIENT_FLAG

certutil -setreg config\setupstatus 0x6001

Anybody gotten themselves out of this before?!
  • 3
  • 2
what is relation between public SSL certificate and internal CA installation, there is no relation

If you already have public SSL certificate, you don't need cert from internal CA

Anyways, if you wanted to setup internal CA server, why you are choosing option with existing certificate as you don't have existing CA from where you can export CA cert with private key and import it to new CA setup
Select new option and setup new ADCS
DamianIT incAuthor Commented:
Thank you for your comments.

To be quite honest, I don't know why I have to use AD CS at all, I'm just following tips so I can get this really frustrating RDweb working... and from what I've read, to stop "warning" messages when clients connect externally, apparently I need AD CS, and from what I read today.. I need to install Enterprise CA and Subordinate... but I am still not sure, there's no definitive walkthrough on this procedure.. so I am frankly just lost, there is so much overhead on just having a simple RDweb config running a single server DC.
no need to install ADCS at all

you need to work on existing public SSL cert and you can fix the issue

have you installed public SSL cert on RDS, also does your RDS is also DC?
DamianIT incAuthor Commented:
Hello Mahesh,

Yes, RDS is the DC.

Well, according to Microsoft page I read, once I install AD CS, I can not uninstall it.. so I am a little hesitant to do that.

But, strange thing is now, since I installed AD CS, when I log in I am no longer presented with "domain\administrator" I am presented with Servername\administrator" ... so I am sure I have now made a mess somewhere else... and the frustration grows with RDweb even more... anyway, that's for another topic.
If this is domain controller, you cannot login with server name servername/administrator because there r no local accounts available on dc
Once u install ca role on dc, you cannot demote dc until u uninstall ca role
Better u hire somebody if rds is getting beyond your control

Join & Write a Comment

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now