Certificate Services Fails to Start

While troubleshooting an 802.1x wireless client on my network I came across an issue where certificate service on a 2003 active directory server kept crashing with the following error:

Event ID: 7024
Source: Service Control Manager

The Certificate Services service terminated with service-specific error 2148204801 (0x800B0101)

Attempting to start Certificate Services from the Certificate Authority console yeilded:

A required certificate is not whtin its validity period when verifying against the current system clock or the timestamp in the signed file. 0x800b0101 (-2146762495)

Upon further research I discovered that this is caused by an expired CA Authority Certificate.

This Technet article gave the solution.

To renew a root certification authority

1. Log on to the system as a Certification Authority Administrator.
Certification Authority (Computer)/CA name

• If you want to generate a new public and private key pair for the certification authority’s certificate, click Yes. • If you want to reuse the current public and private key pair for the certification authority’s certificate, click No.Note

To open Certification Authority, click Start, click Control Panel, double-click Administrative Tools, and then double-click Certification Authority.

Comments