Thursday, April 29, 2010

The request contains no certificate template information. 0x80094801

I am configuring Active Driectory LDAP SSL using Windows 2003 Enterprise CA, however,
I received the following error while I submit my certificate signing request to Microsoft 2003 Enterprise CA
===================================================================================
The request contains no certificate template information. 0x80094801 (-2146875391)
Denied by Policy Module 0x80094801, the request does not contain a certificate template

extension or the Certificate Template request attribute.
==================================================================================

I checked the Microsoft Helps, got the following explanation:
==============================================================================
The message indicates that there is no certificate template information in the request.

However, there is no option in the Certification Authority MMC snap-in to select a certificate template.

Note Stand-alone CAs do not use certificate templates. Therefore, this issue occurs only when you use the Certification Authority MMC snap-in to request a certificate from an enterprise CA.
=================================================================================

Solution:
Perfom the following steps:
1). Start->Administrative Tools->Certificate Authority
2). Expand the intended certificate authority node on the left pane.
3). Select "Certificate Templates", Check if the following templates available:

* Domain Controller Authentication -------- For Windows 2003
* Domain Controller ----------------------- For Windows 2000
If they are not there, perform step 4)
4). Highlight "Certificate Tempates" on the left pane, and right click it, select
"new", then click "certificate to issue".
5). An "Enable Certificate Templates" dialog popup, Press "Ctrl" key and select the following
Certificate Templates, then click "OK".

* Domain Controller Authentication
* Domain Controller
6). Restart the certificate Authority by select it on the left pane, then click the black
square on the tool bar to stop it, then click the black triangle to start it.
7). Congratulations, you have enabled the certificate template needed to issue Domain

Certificate.
Posted by minfei at 7:55 PM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)