From: PeterB on
Hi,

I am trying to create an SSL certificate for our website with the correct
Subject to remove the "Address mismatch" error caused by using the default
certificate. Whenever I try to create the certificate through IIS and import
the resulting request file into Certificate Services, it rejects the file and
complains about no template being specified. When I open up the command
prompt and enter Certreq -attrib "CertificateTemplate:DomainController"
[filename], it gives me a DNS error.

The error reads as follows: "Certificate not issued (Denied) Denied by
Policy Module The DNS name is unavailable and cannot be added to the Subject
Alternate name. 0x8009480f (-2146875377) Certificate Request Processor: The
DNS name is unavailable and cannot be added to the Subject Alternate name.
0x8009480f (-2146875377) Denied by Policy Module"

I have also tried adding the DNS name to the arguments, but this doesn't
change anything:

C:\>CERTREQ -submit -attrib "CertificateTemplate:DomainController\nSAN:DNS=[dns_target]"

The address that it is complaining about is present in DNS - when I ping it,
it picks up the correct hostname and IP address. Just in case this wasn't
enough, I tried adding each individual DNS address to the certificate as
explained here: http://guy.netguru.co.il/categories/6-Security - this also
makes no difference.

The server is running Windows Server 2003 R2 Standard Edition and is the
domain controller.

Can anyone offer any suggestions as to what I am doing wrong?

Thanks