Home
  •  

Certificate Load Warning

Microsoft.ActiveDirectoryFederationServices.2016.FederationServerAdditionalCertificateLoadWarningRule (Rule)

Knowledge Base article:

Summary

The certificate could not be found in the Local Computer Personal certificate store.

Causes

The specified certificate either does not exist in the local certificate store, or the AD FS service account does not have permissions to access the certificate.

Resolutions

Ensure that the certificate (identified by its thumbprint in the event text) has been added to the LocalMachine\My store folder on the federation server computer. Also, verify that the AD FS service account has access to the private key for this certificate. For more information, see "Things to Check Before Troubleshooting AD FS" section in the AD FS troubleshooting guide.

Element properties:

TargetMicrosoft.ActiveDirectoryFederationServices.2016.FederationServer
CategoryConfigurationHealth
EnabledTrue
Event_ID249
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
RemotableTrue
Alert Message
Certificate Load Warning
The certificate that is identified by thumbprint '{0}' could not be found in the certificate store of Localmachine "My" store.
Event Log$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.EventProvider Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerAdditionalCertificateLoadWarningRule" Enabled="true" Target="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer" ConfirmDelivery="false" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>ConfigurationHealth</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">

      <ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <LogName>$Target/Property[Type="Microsoft.ActiveDirectoryFederationServices.2016.FederationServer"]/ADFSEventLog$</LogName>

      <Expression>

        <And>

          <Expression>

            <SimpleExpression>

              <ValueExpression>

                <XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>

              </ValueExpression>

              <Operator>Equal</Operator>

              <ValueExpression>

                <Value Type="UnsignedInteger">249</Value>

              </ValueExpression>

            </SimpleExpression>

          </Expression>

          <Expression>

            <RegExExpression>

              <ValueExpression>

                <XPathQuery Type="String">PublisherName</XPathQuery>

              </ValueExpression>

              <Operator>MatchesMOM2005RegularExpression</Operator>

              <Pattern>(^AD FS$)</Pattern>

            </RegExExpression>

          </Expression>

        </And>

      </Expression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="Microsoft.ActiveDirectoryFederationServices.2016.FederationServerAdditionalCertificateLoadWarningRule.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>$Data/Params/Param[1]$</AlertParameter1>

      </AlertParameters>

      <Suppression>

        <SuppressionValue>$Data/Params/Param[1]$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>