Event ID - 53

Event Id53
SourceMicrosoft-Windows-CertificationAuthority
DescriptionActive Directory Certificate Services denied request %1 because %2. The request was for %3. Additional information: %4
Event InformationAccording to Microsoft:
Cause :
This event is logged when Active Directory Certificate Services denied request.
Resolution :
Remove conditions that prevent a certificate request from being approved
Thes are the following steps to resolve the error.
1.Confirm user account information in Active Directory Domain Services (AD DS).
2.Confirm certificate template information.
3.Confirm the certificate chain for the CA.
4.Check the most recent certificate revocation lists (CRLs).
5.Publish a new CRL.
Confirm user account information in AD DS
Note
To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
To confirm user account information:
1.On the domain controller, clickStart, point toAdministrative Tools, and clickActive Directory Users and Computers.
2.In the console tree, select the domain and user group in which the user's account should be located.
3.If the user account exists, right-click the account, clickProperties, and confirm that the user has a properly configured Domain Name System (DNS) name.
Confirm certificate template information
Note:
To perform this procedure, you must have Manage CA permission, or you must have been delegated the appropriate authority.
To confirm certificate template information:
1.On the computer hosting the CA, clickStart, type certtmpl.msc and press ENTER.
2.Right-click the certificate template that you are troubleshooting, and confirm that the user or group has permissions to enroll for a certificate based on this template.
Confirm the certificate chain for the CA
To validate the chain for the CA:
1.ClickStart, type mmc, and then press ENTER.
2.If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then clickContinue.
3.On theFile menu, click Add/Remove Snap-in, clickCertificates, and then click Add.
4.ClickComputer account, and clickNext.
5.Select the computer hosting the CA, clickFinish, and then clickOK.
6.Select each CA certificate in the certificate chain, and clickView Certificate.
7.Click theDetails tab, and clickCopy to File to start the Certificate Export Wizard. Save each certificate with a .cer extension.
8.Open a command prompt and run the following command on each CA certificate: certutil -urlfetch -verify and then press ENTER. Replace with the name of a CA certificate.
Reference LinksEvent ID 53 from Source Microsoft-Windows-CertificationAuthority

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.