Request File Can’t be Located during CA Certificate Renewal
During my work with a customer renewing their Issuing CA’s certificate based on the steps documented in this article, I discovered that the Request file generated couldn’t be located in the default location of %systemDrive% . The Issuing CA didn’t log any errors in the Event Log, nor did it post any error messages. I also searched for all files with the extension *.req on all drives, and still couldn’t find the file.
After some more research, I discovered that my customer changed the default location of the RequestFileName Registry Key during their installation to a drive that no longer exists on the CA. The location configured was a:\%1_%3%4.req. I followed these steps to fix this issue:
- Start the Registry Editor
- Navigate to HKLM\System\CurrentControlSet\Services\Certsvc\Configuration\<CASanitizedName>
- Locate the Registry String RequestFileName
- Change the value from a:\%1_%3%4.req to C:\%1_%3%4.req
- Stop and Start the Certification Active Directory Certificate Services service
I was then able to create the Request File and submit it to the Offline Root CA to process it.
Comments
Anonymous
January 01, 2003
Very informative.Anonymous
February 20, 2014
Thanks, this is the solution off my Problem. Betwin the last Renew off our Issunig CA we have Virtualising the System. so thats the resson we have lost drive a:Anonymous
February 20, 2014
Thanks, this is the solution off my Problem. Betwin the last Renew off our Issunig CA we have Virtualising the System. so thats the resson we have lost drive a:Anonymous
November 21, 2014
This was our issue as well and you got us taken care of....appreciate it!