Collection Rule for event with source CertificationAuthority and ID 128 Rule

  • ID:  Microsoft.Windows.CertificateServices.CARole.6.2.CertSvcEvents.128
  • Description:  Certificate Services may not be configured to enable revocation checking for all issued certificates
  • Target:  Certificate Service (2012)
  • Enabled:  On Essential Monitoring

Run As Profiles

Name
Default

Rule Knowledgebase

Summary

One of the primary functions of a certification authority (CA) is to evaluate certificate requests from clients and, if predefined criteria are met, issue certificates to those clients. In order for certificate enrollment to succeed, a number of elements must be in place before the request is submitted, including a CA with a valid CA certificate; properly configured certificate templates, client accounts, and certificate requests; and a way for the client to submit the request to the CA, have the request validated, and install the issued certificate.

Causes
This rule does not contain any causes.
Resolutions

Enable revocation checking for all issued certificates

To fix this problem, enable Online Responder revocation checking for all time-valid certificates issued by the certification authority (CA).

To perform this procedure, you must have Manage CA permission, or you must have been delegated the appropriate authority.

To enable Online Responder revocation checking for all time-valid certificates issued by the CA:

  • Open a command prompt window on the computer hosting the CA.

  • Type certutil -setreg ca\UseDefinedCACertInRequest 1 and press ENTER.

  • Click Start, point to Administrative Tools, and click Certification Authority.

  • Select the name of the CA, and then click Restart.

External References
This rule does not contain any external references.

See Also for Active Directory Certificate Services Management Pack


Downloads for Active Directory Certificate Services Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED