Thursday, April 29, 2010

Certificate not issued (Denied) Denied by Policy Module The DNS name is unavaila ble and cannot be added to the Subject Alternate name. 0x8009480f

I am configuring Active Driectory LDAP SSL using Windows 2003 Enterprise CA, however,
I received the following error while I submit my certificate signing request to Microsoft 2003 Enterprise CA

-----------------------------------------------------------------------
Certificate not issued (Denied) Denied by Policy Module The DNS name is unavaila
ble and cannot be added to the Subject Alternate name. 0x8009480f (-2146875377)
Certificate Request Processor: The DNS name is unavailable and cannot be added t
o the Subject Alternate name. 0x8009480f (-2146875377)
Denied by Policy Module
-----------------------------------------------------------------------

Solution to this issue.
1). Click start->run, then key in command mmc
2). Click File in the mmc console, then select Add/Remove Snap-in...
3). Click Add... buton in the Add/Remove Snap dialog
4). Select Certificate Templates, Click Add
5). Close the window in step 4) available standalone snap-in window.
6). You will see "Certificate Templates", Click OK.
7). Find "Domain Controller Authentication" in "Console Root\Certificate Templates"
8). Double click "Domain Controller Authentication" to open it.
9). You can change the validity of a certificate in "Domain Controller Authentication

Properties" window,change it to 10, meaning this certificate will be valid for 10 years.
10). Select the "Subject Name" tab, then select "Supply in the request", click Apply
11). Select the "Security" tab, select "Authenticated Users", in the permissions for

authenticated users section, make sure "Allow" for Enroll. Click OK to close "Domain

Controller Authentication Properties" window.
12)
Re-submit the certificate request using the follwing command:
certreq -submit -attrib "Certificate Template: DomainControllerAuthentication" request.req

3 comments:

  1. Life is all about timing... the unreachable becomes reachable, the unavailable become available, the unattainable... attainable. Have the patience, wait it out It's all about timing. See the link below for more info.


    #unavailable
    www.ufgop.org

    ReplyDelete
  2. I'm pretty sure doing this will blow a security hole in your sever.

    ReplyDelete
  3. Youre so cool! I dont suppose Ive read anything like this before. So nice to search out somebody with some original ideas on this subject. realy thanks for starting this up. this web site is something that is wanted on the web, somebody with a little bit originality. helpful job for bringing one thing new to the web! casino slots

    ReplyDelete