Collection Rule for event with source CertificationAuthority and ID 28 Rule

  • ID:  Microsoft.Windows.CertificateServices.CARole.6.2.CertSvcEvents.28
  • Description:  Certificate Services did not start: registry problem.
  • Target:  Certificate Service (2012)
  • Enabled:  On Essential Monitoring

Overridable Parameters

Parameter Name Default Value Description Override
Priority 2  
Severity 2  

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
AD CS Registry Settings High Critical

Rule Knowledgebase

Summary

Active Directory Certificate Services (AD CS) records critical configuration settings in the registry and may not start or function properly if this information becomes corrupted or is deleted.

Causes
This rule does not contain any causes.
Resolutions

Fix the CRLPeriod registry key

By default, certification authority (CA) registry configuration information is located under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name.

If the event log message states that the CRLPeriod registry key is not valid, then you can update the registry entry with correct information.

The location of this registry key is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod.

Valid strings for this value are "Seconds," "Minutes," "Hours," "Days," "Weeks," "Months," and "Years."

To perform this procedure, you must have membership in local Administrators, or you must have been delegated the appropriate authority.

Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data.

To resolve registry-related problems:

  • On the computer hosting the CA, click Start, type regedit, and press ENTER.

  • Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\CA name\CRLPeriod and correct the invalid registry configuration settings that you find. 

  • Click Start, point to Administrative Tools, and click Certification Authority.

  • Right-click the CA name, and click Restart.

External References
This rule does not contain any external references.

See Also for Active Directory Certificate Services Management Pack


Downloads for Active Directory Certificate Services Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED