sara2000
asked on
(Error 0x80094807) from certificate server: The template was created and published from an existing template.
We have a Ent root certificate server. It is issuing certificates. We are trying to enroll a certificate for a server and got an error. I am not sure whether we have selected the correct template for a webserver or something else. The template was created from a built in server's template and published it as mysrvssl.
The template permission is set to read and enroll for the server and read permission for authenticated users. I also noticed that STATUS:unavailabe when i try to request using certificate console.
The error message was as below when we try to request a SSL cert.
The request template version is newer than the supported version
MySRV.mydomain.loca\CA
Denied by policy Module
The request template version is newer than the supported template version 0X80094807
(-2146875385 CERTSRV_E_BAD_TEMPLATE_VER SION)
The request ID is 9323[/quote]
The template permission is set to read and enroll for the server and read permission for authenticated users. I also noticed that STATUS:unavailabe when i try to request using certificate console.
The error message was as below when we try to request a SSL cert.
The request template version is newer than the supported version
MySRV.mydomain.loca\CA
Denied by policy Module
The request template version is newer than the supported template version 0X80094807
(-2146875385 CERTSRV_E_BAD_TEMPLATE_VER
The request ID is 9323[/quote]
did you duplicated webserver template?
If not duplicate that template, grant respective server account read and enroll permissions, Issue / publish template with AD and run certutil -pulse command on CA server and web server as well and then try again requesting cert from MMC
If not duplicate that template, grant respective server account read and enroll permissions, Issue / publish template with AD and run certutil -pulse command on CA server and web server as well and then try again requesting cert from MMC
ASKER
It was created by my colleague, how do i know which template was used?
Go to duplicated template properties
You will find it in some tab
You will find it in some tab
ASKER
it seems that root cert is not present on client machine from where you requesting certificate
Check from CA server itself if you can request certificate from MMC console
Check from CA server itself if you can request certificate from MMC console
ASKER
No, Server has root cert in the store.
then install root cert on client trusted root store and then try to request certificate
ASKER
I have two servers. I gave serverA to read and enroll permission. I did not add other server (B) in the security TAB.
I was able to enroll on Server A after few minutes since it has all the permission. I requested the cert at server B via MMC console and did not see in the list. But only see that by selecting the "show all".Is it normal?
I was able to enroll on Server A after few minutes since it has all the permission. I requested the cert at server B via MMC console and did not see in the list. But only see that by selecting the "show all".Is it normal?
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Please expand on the process that preceeded the error message.