CertEnroll::CX509Enrollment::p_CreateRequest returns error 0x800b0112

Artikel
05/28/2009

Hi all,

One of the issues we may find when trying the code in my post How to create a certificate request that uses key archival with CertEnroll (JavaScript) is the following error when creating the request:

CertEnroll::CX509Enrollment::p_CreateRequest: A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)

This issue can occur if the CA certificate is not in client's Enterprise NTAuth store. The local NTAuth store can be manually populated using the utility certutil.exe:

Certutil -enterprise -addstore NTAuth CaCertificate.cer

More info here:

How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store

I hope this helps.

Regards,

Alex (Alejandro Campos Magencio)

Comments

Anonymous
September 09, 2009
If the requests fails and I try and run it again. It fails because objPrivateKey exists. How can I delete the key?

Freigeben über

CertEnroll::CX509Enrollment::p_CreateRequest returns error 0x800b0112

Comments

Zusätzliche Ressourcen