SChannel Error 36870 0xffffffff

Jack Dobiash

Hello, about two weeks ago I started getting the
following error on one of my domain controllers:

Event Type: Error
Event Source: Schannel
Event Category: None
Event ID: 36870
Date: 3/9/2004
Time: 8:10:19 AM
User: N/A
Computer: FS-11
Description:
A fatal error occurred when attempting to access the SSL
server credential private key. The error code returned
from the cryptographic module is 0xffffffff.


I did some research and someone said that my computer
might not be able to complete the trust chain on the
certificate that is being used for SChannel. Using
dsstore -dcmon, I found the following:

*** Testing FS-11
** Issuers for Certs in Enterprise Root on FS-11
CTGR Root CA
CTGR Root CA
CTGR Root CA
CTGR Root CA
CTGR Root CA
** KDC Certs for this DC
(Autoenrolled cert)
Issuer:: CTGR Root CA
Subject:: fs-11.grandronde.org
SerialNumber:: 6xxxxxx0000000000003
ERROR Line: 838 -> CertVerifyCertificateChainPolicy -
Chain Status failure Error
:: 80092013

1 KDC certs for FS-11

---------------------

Now, anyone know how to fix this? I can see that the
Trust for the Chain is indeed broken, so how do I go
about repairing it? Thanks!

Jack Dobiash
jack.dobiash at grandronde.org
Confederated Tribes of Grand Ronde
 
I swear I always find an answer after I post something in
here :)

Here is what I did, and I *think* it worked.

I opened up MMC and loaded the Certificates store for the
Local Computer (while on the Domain Controller). I found
the certificate I was having trouble with, right-clicked
on it, went to All Tasks and then "Renew with Same Key".
This put the private key back into the certificate.
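
The two symptoms in this thread (Schannel unable to access the server credential private key, and a chain status failure on the DC certificate) can be checked for every certificate in the Local Computer store with a short script. This is an added example, not part of the original posts; the function name `Test-MachineCertificate` is hypothetical, and it assumes an elevated PowerShell prompt with .NET Framework 4.6 or later.

```powershell
# Added example: audit certificates in the Local Computer "Personal" store.
# Test-MachineCertificate is a hypothetical helper name, not a built-in cmdlet.
function Test-MachineCertificate {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert
    )

    # HasPrivateKey only says the store entry references a key container.
    # Opening the key shows whether the container exists and is readable.
    $keyState = 'No private key associated'
    if ($Cert.HasPrivateKey) {
        try {
            $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert)
            $keyState = if ($rsa) { 'Accessible' } else { 'Not an RSA key (not tested)' }
        } catch {
            $keyState = "Inaccessible: $($_.Exception.Message)"
        }
    }

    # Build the chain in the machine context with online revocation checking,
    # so revocation problems are reported as well as trust problems.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain($true)
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
    $chainOk = $chain.Build($Cert)
    $flags = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    [pscustomobject]@{
        Subject     = $Cert.Subject
        Issuer      = $Cert.Issuer
        Thumbprint  = $Cert.Thumbprint
        NotAfter    = $Cert.NotAfter
        PrivateKey  = $keyState
        ChainValid  = $chainOk
        ChainStatus = if ($flags) { $flags } else { 'NoError' }
    }
}

# Report on every certificate in Cert:\LocalMachine\My.
Get-ChildItem -Path Cert:\LocalMachine\My |
    ForEach-Object { Test-MachineCertificate -Cert $_ } |
    Format-List
```

A certificate that reports `PrivateKey` as anything other than `Accessible`, or `ChainValid` as `False`, is a candidate for the renewal step described above.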
 