Collection Rule for event with source OnlineResponderWebProxy and ID 17 Rule

  • ID:  Microsoft.Windows.CertificateServices.CARole.6.3.OCSPEvents.WebProxy.17
  • Description:  Online Responder web proxy failed to start
  • Target:  Certificate Service (2012 R2)
  • Enabled:  On Essential Monitoring

Run As Profiles

Name
Default

Rule Knowledgebase

Summary

The status and functioning of the Microsoft Online Responder service has dependencies on numerous features and components, including the ability to access timely certificate revocation data, the validity of the certification authority (CA) certificate and chain, and overall system response and availability.

Causes
This rule does not contain any causes.
Resolutions

Enable the Online Responder Web proxy to start

To correct problems that prevent the Online Responder Web proxy from starting:

  • Confirm that the Online Responder is running.

  • Confirm DCOM permissions.

  • If Online Responder-wide configuration properties have become corrupted, refresh the configuration by synchronizing with other Array members.

  • If the corrupted configuration occurs on an Array controller, you can temporarily designate another computer as the Array controller, synchronize the Array, and then use this procedure to reset the original computer to be the Array controller.

  • If refreshing the configuration and none of the other steps do not work, use Server Manager to uninstall and reinstall the Online Responder.

To perform these procedures, you must have membership in local Administrators, or you must have been delegated the appropriate authority.

Confirm that an Online Responder is running

To confirm that the Online Responder service is running:

  • Click Start, point to Administrative Tools, and click Services.

  • Right-click Online Responder Service, and click Restart.

  • After restarting the Online Responder service, click Start, point to Administrative Tools, and click Internet Information Services Manager.

  • Click the name of your computer, and click Application pools.

  • Select the OCSPISAPIAppPool application pool, and click Restart. 

Confirm DCOM permissions

To confirm that the NETWORK SERVICE account has the proper DCOM permissions:

  • Click Start, click Administrative Tools, and click Component Services.

  • Expand Computers and My Computer, and then click DCOM config.

  • Right-click IOCSPAdmin, click Properties, and click the Security tab.

  • Under Launch and Activation Permissions, click Edit, and then confirm that NETWORK SERVICE has Activate permissions.

Synchronize members with an Array controller

To synchronize members with an Array controller:

  • Click Start, point to Administrative Tools, and click Online Responder.

  • In the console tree, click Array Configuration Members.

  • In the Actions pane, click Synchronize Responder Configuration.

If the corrupted configuration occurs on an Array controller, you can temporarily make another computer the Array controller, synchronize the Array, and then reset the original machine to be the Array controller.

Designate an Array controller

To designate an Array controller:

  • Click Start, point to Administrative Tools, and click Online Responder.

  • In the console tree, click Array ConfigurationMembers.

  • Select the Online Responder that you want to designate as the Array controller.

  • In the Actions pane, click Set as Array Controller.

  • Synchronize the Array member with the corrupt configuration, and then reset the updated Array member as the Array controller.

If the problem persists, contact Microsoft Customer Service and Support.

External References
This rule does not contain any external references.

See Also for Active Directory Certificate Services Management Pack


Downloads for Active Directory Certificate Services Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED