| Event Id | 58 |
| Source | Microsoft-Windows-CertificationAuthority |
| Description | certificate in the chain for CA certificate %3 for %1 has expired. %2. |
| Event Information | According to Microsoft : Cause : This event is logged when a certificate in the chain for CA certificate has expired. Resolution : Reissue certificates in the chain for an expired CA certificate The certification authority (CA) certificate that has expired will be identified in the event log. To resolve this issue: 1.Check whether the certificate has expired. 2.Confirm the certificate chain. 3.If the problem persists, enable CryptoAPI 2.0 Diagnostics, resolve any errors found, and then reissue and reinstall the expired certificates. Note: To perform these procedures, you must have Manage CA permission, or you must have been delegated the appropriate authority. Check CA certificate expiration To check whether a specific CA certificate has expired: 1.On the computer hosting the CA, clickStart, point toAdministrative Tools, and click Certification Authority. 2.Right-click the CA node, and clickProperties. 3.Expired certificates will be listed with the word (expired) in the list of CA certificates. If all CA certificates are expired, you will have to renew the CA certificate and reissue any certificates below the expired CA certificate. 4.To renew the CA certificate, right-click the CA node, point toAll Tasks, and clickRenew CA Certificate. 5.After the CA certificate has been renewed, restart the CA. 6.If there are unexpired certificates in the list, find the certificate whose CA Version number matches the key ID in the error message. 7.If this certificate has not expired, check for problems with the certificate chain. Export the certificate to a file, and then open a command prompt window, typecertutil -urlfetch -verify Enable CryptoAPI 2.0 Diagnostics To enable CryptoAPI 2.0 Diagnostics: 1.On the computer hosting the CA, clickStart, point toAdministrative Tools, and clickEvent Viewer. 2.In the console tree, expandEvent Viewer, Applications and Services Logs, Microsoft, Windows, and CAPI2. 3.Right-clickOperational, and clickEnable Log. 4.ClickStart, point toAdministrative Tools, and clickServices. 5.Right-clickActive Directory Certificate Services, and clickRestart. 6.Scan the CAPI2 diagnostics log for information that relates to this error. |
| Reference Links | Event ID 58 from Source CertificationAuthority |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.