Windows Server 2008 R2 Active Directory Web Services won't start with SSL
Googling your error got some interesting information about the solution, you may want to start by applying a "Subject Name" to your certificate if not applied already, this appears to be an essential part of the certificate requirements for ADWS, more information can be found here: http://social.technet.microsoft.com/Forums/windowsserver/en-US/5fac0d70-7dff-46f7-8c3a-b2982bc7fffc/adws-event-id-1400
If that didn't solve your problem, then I'd check the following:
- If you installed the certificate on the correct certificate store, which is "Computer / Personal"
- If the type of the certificate you generated and installed on the server is correct, which is Computer certificate.
Hope this helps.
Related videos on Youtube
Valerio Santinelli
Writing back-end, front-end, mobile tech by day and reverse engineering, making games and fun stuff by night.
Updated on September 18, 2022Comments
-
Valerio Santinelli almost 2 years
I am running a Windows 2008 R2 server as a PDC. I've installed the ADWS and I'm trying to get SSL support running but I'm experiencing the following error:
Source: ADWS EventID: 1400
Active Directory Web Services could not find a server certificate with the specified certificate name. A certificate is required to use SSL/TLS connections. To use SSL/TLS connections, verify that a valid server authentication certificate from a trusted Certificate Authority (CA) is installed on the machine.
Certificate name: HEIDI.mkdb.local
Of course I've already installed the CA server on this same machine so that I could get a valid certificate. I've imported the certificate in my server's certificates and I have given it the friendly name HEIDI.mkdb.local as shown in the following screenshot (I can't post screenshots yet..), but still I get this error. What am I missing?
-
Ryan Ries about 10 yearsAs a friendly note, please stop saying 'PDC.' It makes you sound like you traveled here in a time machine from 1999.
-
-
Valerio Santinelli almost 11 yearsThanks for the suggestion. The certificate is a Domain Controller one, so maybe that's the reason why I'm experiencing this issue. Do you know how to issue a new Computer certificate? Is there any way to do that from the Active Directory Certificate Services console?
-
Valerio Santinelli almost 11 yearsI managed to find where to request the new certificate but I'm only allowed to request one of those: "Directory Email Replication", "Domain Controller" and "Domain Controller Authentication". The "Computer" one is unavailable.
-
Noor Khaldi almost 11 yearsLets try to solve this in a different way, try to request a Web Server Certificate from IIS and post the request to YourCertificateServerName/certsrv, you should be able to install the certificate back to IIS and continue your work, let me know so I can edit my answer above if that's the case :)
-
Valerio Santinelli almost 11 yearsI tried but there's no "certsrv" web application installed on the IIS on that machine. Out of frustration I installed a new Windows 2008 R2 from scratch on a virtual box and I did install the CA and AD and it works like a charm.