Certificate Services did not start: registry problem.
Active Directory Certificate Services (AD CS) records critical configuration settings in the registry and may not start or function properly if this information becomes corrupted or is deleted.
Fix the CRLPeriod registry key
By default, certification authority (CA) registry configuration information is located under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name.
If the event log message states that the CRLPeriod registry key is not valid, then you can update the registry entry with correct information.
The location of this registry key is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod.
Valid strings for this value are "Seconds," "Minutes," "Hours," "Days," "Weeks," "Months," and "Years."
To perform this procedure, you must have membership in local Administrators, or you must have been delegated the appropriate authority.
Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.
To resolve registry-related problems:
On the computer hosting the CA, click Start, type regedit, and press ENTER.
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod and correct the invalid registry configuration settings that you find.
Click Start, point to Administrative Tools, and click Certification Authority.
Right-click the CA name, and click Restart.
To confirm the certification authority (CA) registry settings:
After you have finished making any changes to registry settings for the CA, click Start, point to Administrative Tools, and click Certification Authority.
Select the CA name, and click Restart.
Click Start, type cmd and press ENTER.
Type certutil -getreg ca\security and press ENTER.
If there are no more corrupt settings, the text -getreg command completed successfully will appear.
Target | Microsoft.Windows.CertificateServices.CARole.2016 | ||
Category | EventCollection | ||
Enabled | True | ||
Event_ID | 28 | ||
Event Source | Microsoft-Windows-CertificationAuthority | ||
Alert Generate | True | ||
Alert Severity | Error | ||
Alert Priority | High | ||
Remotable | True | ||
Alert Message |
| ||
Event Log | Application |
ID | Module Type | TypeId | RunAs |
---|---|---|---|
DS | DataSource | Microsoft.Windows.EventProvider | Default |
Alert | WriteAction | System.Health.GenerateAlert | Default |
WriteToCertSvcEvents | WriteAction | Microsoft.Windows.CertificateServices.CARole.CertSvcEvents.Publisher | Default |
WriteToDB | WriteAction | Microsoft.SystemCenter.CollectEvent | Default |
<Rule ID="Microsoft.Windows.CertificateServices.CARole.2016.CertSvcEvents.28" Enabled="true" Target="CSDisc!Microsoft.Windows.CertificateServices.CARole.2016" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">28</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-Windows-CertificationAuthority</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="WriteToDB" TypeID="SC!Microsoft.SystemCenter.CollectEvent"/>
<WriteAction ID="WriteToCertSvcEvents" TypeID="Microsoft.Windows.CertificateServices.CARole.CertSvcEvents.Publisher"/>
<WriteAction ID="Alert" TypeID="Health!System.Health.GenerateAlert">
<Priority>2</Priority>
<Severity>2</Severity>
<AlertMessageId>$MPElement[Name="AlertMessageID5ccff8704e364cdf96a7e34d3b709f87"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>
<SuppressionValue>$Data/PublisherName$</SuppressionValue>
<SuppressionValue>$Data/LoggingComputer$</SuppressionValue>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>