Active Directory Certificate Services (AD CS) records critical configuration settings in the registry and may not start or function properly if this information becomes corrupted or is deleted.
Fix the CRLPeriod registry key
By default, certification authority (CA) registry configuration information is located under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name.
If the event log message states that the CRLPeriod registry key is not valid, then you can update the registry entry with correct information.
The location of this registry key is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod.
Valid strings for this value are "Seconds," "Minutes," "Hours," "Days," "Weeks," "Months," and "Years."
To perform this procedure, you must have membership in local Administrators, or you must have been delegated the appropriate authority.
Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.
To resolve registry-related problems:
On the computer hosting the CA, click Start, type regedit, and press ENTER.
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod and correct the invalid registry configuration settings that you find.
Click Start, point to Administrative Tools, and click Certification Authority.
Right-click the CA name, and click Restart.