I'm trying to get a new certificate to my router. I revoked the old one and
now I
wanted to get a new one. Each time I go and ask for one I get the Following
on the CA Server (on Windows2000):

Event Type: Error

Event Source: CertSvc
Event Category: None
Event ID: 21
Certificate Services could not process request XX due to an error: The
certificate is revoked.

Anyone know how to solve or workaround this?

Thanks

Seb

How are you trying to request it? Can the CA issue any computer certificates? Since
you revoked the old one make sure your request is for "new keys" and not existing key
set. --- Steve


"seb" wrote in message news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
> I'm trying to get a new certificate to my router. I revoked the old one and
> now I
> wanted to get a new one. Each time I go and ask for one I get the Following
> on the CA Server (on Windows2000):
>
> Event Type: Error
>
> Event Source: CertSvc
> Event Category: None
> Event ID: 21
> Certificate Services could not process request XX due to an error: The
> certificate is revoked.
>
> Anyone know how to solve or workaround this?
>
> Thanks
>
> Seb
>
>
>
>

Thank you for response Steve.
I'm requesting new certificate using mscep.
I'm generating new keys set on router side, getting CA certificate,
authenticating using key obtained by mscep web page, and trying to enroll.
At end on router side I receive message that enrollment was rejected by CA,
and on server side logs message about error in processing.
Seb

U¿ytkownik "Steven L Umbach" napisa³ w
wiadomo¶ci news:qrZ4d.252107$Fg5.27132@attbi_s53...
> How are you trying to request it? Can the CA issue any computer
> certificates? Since you revoked the old one make sure your request is for
> "new keys" and not existing key set. --- Steve
>
>
> "seb" wrote in message
> news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
>> I'm trying to get a new certificate to my router. I revoked the old one
>> and
>> now I
>> wanted to get a new one. Each time I go and ask for one I get the
>> Following
>> on the CA Server (on Windows2000):
>>
>> Event Type: Error
>>
>> Event Source: CertSvc
>> Event Category: None
>> Event ID: 21
>> Certificate Services could not process request XX due to an error: The
>> certificate is revoked.
>>
>> Anyone know how to solve or workaround this?
>>
>> Thanks
>>
>> Seb
>>
>>
>>
>>
>
>

Ok. I can't be of much more help as I have never used mscep to request a cetificate
for a router. The revoked certificate error is puzzling in that a revoked certificate
is a problem if a revoked certiticate is being used for authentication. You are
requesting a new certificate. Unless your old certificate is being used for
authentication in the process somehow. -- Steve


"Seb" wrote in message news:OMCeFymoEHA.2912@TK2MSFTNGP10.phx.gbl...
> Thank you for response Steve.
> I'm requesting new certificate using mscep.
> I'm generating new keys set on router side, getting CA certificate, authenticating
> using key obtained by mscep web page, and trying to enroll. At end on router side I
> receive message that enrollment was rejected by CA, and on server side logs message
> about error in processing.
> Seb
>
> U¿ytkownik "Steven L Umbach" napisa³ w
> wiadomo¶ci news:qrZ4d.252107$Fg5.27132@attbi_s53...
>> How are you trying to request it? Can the CA issue any computer certificates?
>> Since you revoked the old one make sure your request is for "new keys" and not
>> existing key set. --- Steve
>>
>>
>> "seb" wrote in message news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
>>> I'm trying to get a new certificate to my router. I revoked the old one and
>>> now I
>>> wanted to get a new one. Each time I go and ask for one I get the Following
>>> on the CA Server (on Windows2000):
>>>
>>> Event Type: Error
>>>
>>> Event Source: CertSvc
>>> Event Category: None
>>> Event ID: 21
>>> Certificate Services could not process request XX due to an error: The
>>> certificate is revoked.
>>>
>>> Anyone know how to solve or workaround this?
>>>
>>> Thanks
>>>
>>> Seb
>>>
>>>
>>>
>>>
>>
>>
>
>

Oh, one more thing:
I was able to enroll for certificates for this device few times, things
changed when I enforced publish new CRL. Seems CA wasn't checking CRL for
revoked certificates, when old CRL was valid.
Is any way to edit or clear revoked certificates database?
Seb

U¿ytkownik "Steven L Umbach" napisa³ w
wiadomo¶ci news:o8%4d.359907$8_6.103251@attbi_s04...
> Ok. I can't be of much more help as I have never used mscep to request a
> cetificate for a router. The revoked certificate error is puzzling in that
> a revoked certificate is a problem if a revoked certiticate is being used
> for authentication. You are requesting a new certificate. Unless your old
> certificate is being used for authentication in the process somehow. --
> Steve
>
>
> "Seb" wrote in message
> news:OMCeFymoEHA.2912@TK2MSFTNGP10.phx.gbl...
>> Thank you for response Steve.
>> I'm requesting new certificate using mscep.
>> I'm generating new keys set on router side, getting CA certificate,
>> authenticating using key obtained by mscep web page, and trying to
>> enroll. At end on router side I receive message that enrollment was
>> rejected by CA, and on server side logs message about error in
>> processing.
>> Seb
>>
>> U¿ytkownik "Steven L Umbach" napisa³ w
>> wiadomo¶ci news:qrZ4d.252107$Fg5.27132@attbi_s53...
>>> How are you trying to request it? Can the CA issue any computer
>>> certificates? Since you revoked the old one make sure your request is
>>> for "new keys" and not existing key set. --- Steve
>>>
>>>
>>> "seb" wrote in message
>>> news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
>>>> I'm trying to get a new certificate to my router. I revoked the old one
>>>> and
>>>> now I
>>>> wanted to get a new one. Each time I go and ask for one I get the
>>>> Following
>>>> on the CA Server (on Windows2000):
>>>>
>>>> Event Type: Error
>>>>
>>>> Event Source: CertSvc
>>>> Event Category: None
>>>> Event ID: 21
>>>> Certificate Services could not process request XX due to an error: The
>>>> certificate is revoked.
>>>>
>>>> Anyone know how to solve or workaround this?
>>>>
>>>> Thanks
>>>>
>>>> Seb
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>

It's working again. Not sure what exactly help, but had to turn off all
servers, including domain controllers, for power maintenance and after that
I was able to get certifcates again.
regards
Seb


U¿ytkownik "Seb" napisa³ w wiadomo¶ci
news:eZKNjS6oEHA.536@TK2MSFTNGP11.phx.gbl...
> Oh, one more thing:
> I was able to enroll for certificates for this device few times, things
> changed when I enforced publish new CRL. Seems CA wasn't checking CRL for
> revoked certificates, when old CRL was valid.
> Is any way to edit or clear revoked certificates database?
> Seb
>
> U¿ytkownik "Steven L Umbach" napisa³ w
> wiadomo¶ci news:o8%4d.359907$8_6.103251@attbi_s04...
> > Ok. I can't be of much more help as I have never used mscep to request a
> > cetificate for a router. The revoked certificate error is puzzling in
that
> > a revoked certificate is a problem if a revoked certiticate is being
used
> > for authentication. You are requesting a new certificate. Unless your
old
> > certificate is being used for authentication in the process somehow. --
> > Steve
> >
> >
> > "Seb" wrote in message
> > news:OMCeFymoEHA.2912@TK2MSFTNGP10.phx.gbl...
> >> Thank you for response Steve.
> >> I'm requesting new certificate using mscep.
> >> I'm generating new keys set on router side, getting CA certificate,
> >> authenticating using key obtained by mscep web page, and trying to
> >> enroll. At end on router side I receive message that enrollment was
> >> rejected by CA, and on server side logs message about error in
> >> processing.
> >> Seb
> >>
> >> U¿ytkownik "Steven L Umbach" napisa³
w
> >> wiadomo¶ci news:qrZ4d.252107$Fg5.27132@attbi_s53...
> >>> How are you trying to request it? Can the CA issue any computer
> >>> certificates? Since you revoked the old one make sure your request is
> >>> for "new keys" and not existing key set. --- Steve
> >>>
> >>>
> >>> "seb" wrote in message
> >>> news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
> >>>> I'm trying to get a new certificate to my router. I revoked the old
one
> >>>> and
> >>>> now I
> >>>> wanted to get a new one. Each time I go and ask for one I get the
> >>>> Following
> >>>> on the CA Server (on Windows2000):
> >>>>
> >>>> Event Type: Error
> >>>>
> >>>> Event Source: CertSvc
> >>>> Event Category: None
> >>>> Event ID: 21
> >>>> Certificate Services could not process request XX due to an error:
The
> >>>> certificate is revoked.
> >>>>
> >>>> Anyone know how to solve or workaround this?
> >>>>
> >>>> Thanks
> >>>>
> >>>> Seb
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >>>
> >>
> >>
> >
> >
>
>

Weird? Something was refreshed or cache cleared with shutting down
everything. Glad you got your certificate though. --- Steve


"seb" wrote in message
news:eoUXeeGpEHA.2948@TK2MSFTNGP11.phx.gbl...
> It's working again. Not sure what exactly help, but had to turn off all
> servers, including domain controllers, for power maintenance and after
> that
> I was able to get certifcates again.
> regards
> Seb
>
>
> U¿ytkownik "Seb" napisa³ w wiadomo¶ci
> news:eZKNjS6oEHA.536@TK2MSFTNGP11.phx.gbl...
>> Oh, one more thing:
>> I was able to enroll for certificates for this device few times, things
>> changed when I enforced publish new CRL. Seems CA wasn't checking CRL for
>> revoked certificates, when old CRL was valid.
>> Is any way to edit or clear revoked certificates database?
>> Seb
>>
>> U¿ytkownik "Steven L Umbach" napisa³ w
>> wiadomo¶ci news:o8%4d.359907$8_6.103251@attbi_s04...
>> > Ok. I can't be of much more help as I have never used mscep to request
>> > a
>> > cetificate for a router. The revoked certificate error is puzzling in
> that
>> > a revoked certificate is a problem if a revoked certiticate is being
> used
>> > for authentication. You are requesting a new certificate. Unless your
> old
>> > certificate is being used for authentication in the process somehow. --
>> > Steve
>> >
>> >
>> > "Seb" wrote in message
>> > news:OMCeFymoEHA.2912@TK2MSFTNGP10.phx.gbl...
>> >> Thank you for response Steve.
>> >> I'm requesting new certificate using mscep.
>> >> I'm generating new keys set on router side, getting CA certificate,
>> >> authenticating using key obtained by mscep web page, and trying to
>> >> enroll. At end on router side I receive message that enrollment was
>> >> rejected by CA, and on server side logs message about error in
>> >> processing.
>> >> Seb
>> >>
>> >> U¿ytkownik "Steven L Umbach"
>> >> napisa³
> w
>> >> wiadomo¶ci news:qrZ4d.252107$Fg5.27132@attbi_s53...
>> >>> How are you trying to request it? Can the CA issue any computer
>> >>> certificates? Since you revoked the old one make sure your request is
>> >>> for "new keys" and not existing key set. --- Steve
>> >>>
>> >>>
>> >>> "seb" wrote in message
>> >>> news:OWc%23YBkoEHA.3392@TK2MSFTNGP15.phx.gbl...
>> >>>> I'm trying to get a new certificate to my router. I revoked the old
> one
>> >>>> and
>> >>>> now I
>> >>>> wanted to get a new one. Each time I go and ask for one I get the
>> >>>> Following
>> >>>> on the CA Server (on Windows2000):
>> >>>>
>> >>>> Event Type: Error
>> >>>>
>> >>>> Event Source: CertSvc
>> >>>> Event Category: None
>> >>>> Event ID: 21
>> >>>> Certificate Services could not process request XX due to an error:
> The
>> >>>> certificate is revoked.
>> >>>>
>> >>>> Anyone know how to solve or workaround this?
>> >>>>
>> >>>> Thanks
>> >>>>
>> >>>> Seb
>> >>>>
>> >>>>
>> >>>>
>> >>>>
>> >>>
>> >>>
>> >>
>> >>
>> >
>> >
>>
>>
>
>