139 questions with Windows Server Identity and access Certificates and public key infrastructure (PKI) tags
mTLS 0- Schannel Not Requesting Client Cert for LDAPS mTLS on Windows Server 2022
Setup: I have an application running on external machine (machine.test.local) that uses LDAP to authenticate users against a Windows Server 2022 Active Directory Domain Controller (W22Server.test.local) over LDAPS (port 636). I want to secure and…
How to select a new certificate for Windows Admin Center v 2.4?
Want to replace the auto-signed certificate with a new one created and available in the computer's certificate store. How to select a new certificate for Windows Admin Center v 2.4? Thanks.
Impact of KB5052000
Hi, Is anyone facing any impact due to MS's latest patch KB5052000, released in Feb 2025? MS didn't mention anything about certificate-based authentication being changed. But in my environment, CA got changed to another different server, and users are…
KB5014754: Certificate-based authentication changes on Windows domain controllers- KB not found for server 2022 or 2019
Hi Team, This is regarding the update from Microsoft about the article KB5014754: Certificate-based authentication changes on Windows domain controllers. As per the MS article this update addresses critical security vulnerabilities (CVE-2022-34691,…
CertSrv service 500.19 internal server error.
We have an issue where our certificate server is showing a status 500.19 Internal Server Error. Error code 0x80070003 Cannot read configuration file Config File \\?\c:\Windows\system32\CertSrv\en-US\web.config - I see there is no web.config file listed…
Impact or known issues of KB5052000
Hi, Is anyone facing any impact due to MS's latest patch KB5052000, released in Feb 2025? MS didn't mention anything about certificate-based authentication being changed to full enforcement after installing this update or any other related information in the…
KB5014754 Certificate based authentication changes on DC's
In my small environment of less than 100 users, I'm using Windows Server 2022 as domain controllers. These are patched to January 2025 updates. I do not see strongcertificatebindingenforcement key in the registry. I would expect that key to show up at…
Military CAC Certs Keep Getting Wiped
I just bought a new HP Omen 17 with Windows 11. Owned for a month and every time it updates it wipes my CAC trusted certs from the directory. I’ve been reinstalling the certs with CertUtil each time but it’s happening on a weekly basis. Is there any way…
KB5014754 Certificate based authentication changes on domain controllers
I had asked an earlier question on KB 5014754 and received a response that was well thought out and detailed. It certainly helped with defining our next steps to address and accommodate for the changes. So, thank you for that. Couple of additional…
Migrating NDES templates to a new CA
Hello, Could you kindly refer me to the officially supported procedure to migrate NDES templates to a new CA? I have found a few documents, some of which go into altering the registry. Thanks, Regards,
Interactive Logon Smart Card
I am creating a Domain GPO for Smart Card Logon. When I go into Interactive Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Security Options the option Interactive logon: Require smart card is…
Microsoft Smart Card Key Storage Provider
When deploying a CA for the first time to support Smart Card logon I get the following error, an error occurred when creating the new key container. Please make sure the CSP is installed correctly or select another CSP. The CSP is the Microsoft Smart…
How to Obtain Microsoft Secure Boot Certificate?
I’ve read that Microsoft offers a service to analyze and sign non-Microsoft bootloaders so they’re trusted by all “Certified for Windows” PCs. I’m interested in getting my current Linux bootloader signed. I came across this article describing certain…
CAC reader and all USB ports not reading
I recently updated my government computer and suddenly I cannot log in. I don’t know what update version it is, but it’s Windows 11. Even though my CAC works perfectly on other computers, now suddenly my CAC reader stopped recognizing any card inserted…
Windows not recognizing CAC card.
I have had issues in the past with this but now no fixes are working. I have been utilizing a SCM SCR3310V2 CAC card reader on my personal computer to access websites like myPay, MOL and DTS and it has always read my CAC. Last week I installed IOBit…
Server 2025 Domain not honoring "Allow name-based strong mappings for certificates" GPO setting
I am working to harden a Citrix FAS smartcard environment per the Microsoft recommendations, and I have found that the "Allow name-based strong mappings for certificates" GPO setting is not being honored on Server 2025 domain controllers. If…
How to Configure CBA for Exchange 2019 on-premises?
Good day, I was setting up CBA for ActiveSync and OWA on Exchange on-premises 2019 following this guide https://learn.microsoft.com/en-us/exchange/plan-and-deploy/post-installation-tasks/configure-certificate-based-auth?view=exchserver-2019 on my test…
How do I add a business account to be user account to a computer I have just upgraded to Windows Pro?
I have upgraded to Windows Pro and would like to create a user account so that when the laptop starts up the user can sign into their profile rather than the administrator account. How do I set up that profile? So far I have gone to Accounts > Access…
transports "internal" type credential windows hello PIN pop-up issue
Steps to reproduce the problem: Prepare two Windows PCs, called PC A and PC B for distinction (both PCs using the WIN1022H2 version). Go to the webuathn.io site. PC A attempted to register FIDO2 with the test_account account. When registering FIDO2, create…
how to find server license key
how to find server license key