Thursday, April 29, 2010

Certificate not issued (Denied) Denied by Policy Module The DNS name is unavaila ble and cannot be added to the Subject Alternate name. 0x8009480f

I am configuring Active Driectory LDAP SSL using Windows 2003 Enterprise CA, however,
I received the following error while I submit my certificate signing request to Microsoft 2003 Enterprise CA

-----------------------------------------------------------------------
Certificate not issued (Denied) Denied by Policy Module The DNS name is unavaila
ble and cannot be added to the Subject Alternate name. 0x8009480f (-2146875377)
Certificate Request Processor: The DNS name is unavailable and cannot be added t
o the Subject Alternate name. 0x8009480f (-2146875377)
Denied by Policy Module
-----------------------------------------------------------------------

Solution to this issue.
1). Click start->run, then key in command mmc
2). Click File in the mmc console, then select Add/Remove Snap-in...
3). Click Add... buton in the Add/Remove Snap dialog
4). Select Certificate Templates, Click Add
5). Close the window in step 4) available standalone snap-in window.
6). You will see "Certificate Templates", Click OK.
7). Find "Domain Controller Authentication" in "Console Root\Certificate Templates"
8). Double click "Domain Controller Authentication" to open it.
9). You can change the validity of a certificate in "Domain Controller Authentication

Properties" window,change it to 10, meaning this certificate will be valid for 10 years.
10). Select the "Subject Name" tab, then select "Supply in the request", click Apply
11). Select the "Security" tab, select "Authenticated Users", in the permissions for

authenticated users section, make sure "Allow" for Enroll. Click OK to close "Domain

Controller Authentication Properties" window.
12)
Re-submit the certificate request using the follwing command:
certreq -submit -attrib "Certificate Template: DomainControllerAuthentication" request.req

3 comments:

  1. Life is all about timing... the unreachable becomes reachable, the unavailable become available, the unattainable... attainable. Have the patience, wait it out It's all about timing. See the link below for more info.


    #unavailable
    www.ufgop.org

    ReplyDelete
  2. There are things in our life that is not eternal thus we stand still and never show weaknesses. This only means that we are strong enough to face everything either it is big or small. Visit my site for more good vibes and inspirational thoughts. Good day!

    n8fan.net

    www.n8fan.net

    ReplyDelete
  3. I'm pretty sure doing this will blow a security hole in your sever.

    ReplyDelete