Windows error 0x80094001, -2146877439

Detailed Error Information

CERTSRV_E_BAD_REQUESTSUBJECT[1]

MessageThe request subject name is invalid or too long.
Declared inwinerror.h

HRESULT analysis[2]

FlagsSeverityFailure
Reserved (R)false
OriginMicrosoft
NTSTATUSfalse
Reserved (X)false
FacilityCode9 (0x009)
NameFACILITY_SSPI[2][1]
DescriptionThe source of the error code is the Security API layer.[2][1]
Error Code16385 (0x4001)

Questions

1vote
0answers

Scripting user enrollment on Microsoft AD CS

I need to be able to auto-enroll a huge number of users using Microsoft AD CS. I have create a certificate template that these users are able to auto-enroll with. I now need to create the requests and accept the certificates automatically, without UI interaction. My first thought was to [...] read more
templates
certificate
pki
certreq
0votes
0answers

Submit SPKAC with subject to standalone ADCS

Microsoft's documentation suggests that it's possible to include a subject with a SPKAC CSR - https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wcce/f88ecd9a-26bb-4b74-a471-4c46e773f75b. However, when passing the RDN attribute with certeq on Windows Server 2016, the submission fails: > certreq -Submit -attrib "CertType:server\nChallenge:$Challenge\nRDN:CN=Bob" -Config $Config C:\path\to\spkac.req > certutil -Resubmit $RequestId CertUtil: -resubmit command FAILED: 0x80094001 (-2146877439 CERTSRV_E_BAD_REQUESTSUBJECT) [...] read more
windows
powershell
certificate-authority
ad-certificate-services
pki

Comments

Leave a comment

(plain text only)

Sources

  1. winerror.h from Windows SDK 10.0.14393.0
  2. https://msdn.microsoft.com/en-us/library/cc231198.aspx

User contributions licensed under CC BY-SA 3.0