| Event Id | 51 |
| Source | Microsoft-Windows-CertificationAuthority |
| Description | A certificate in the chain for CA certificate %3 for %1 has been revoked. %2. |
| Event Information | According to Microsoft : Cause : This evnt is logged when A certificate in the chain for CA certificate %3 for %1 has been revoked. Resolution : Reissue certificates in the chain for a revoked CA certificate Although it is not common for a certification authority (CA) certificate to be revoked. To resolve this situation: 1.Confirm that the CA certificate has been revoked. 2.Ask a CA administrator if the revocation was deliberate or unintended. If the certificate was revoked intentionally, then no further action is needed. 3.If it was revoked unintentionall, the CA certificate and every certificate in the branch must be reissued through enrollment or autoenrollment. 4.If the problem persists, enable CryptoAPI 2.0 Diagnostics to identify and resolve additional errors that might be causing the problem. Note: To perform these procedures, you must have Manage CA permission, or you must have been delegated the appropriate authority. Confirm that a CA certificate has been revoked To confirm that a CA certificate has been revoked: 1.Open a command prompt window. 2.Typecertutil -urlfetch -verify To enroll for a CA certificate To enroll for a CA certificate: 1.On the computer hosting the CA, clickStart, point toAdministrative Tools, and then click Certification Authority. 2.Right-click the CA name, selectAll Tasks and click Request CA Certificate. 3.Select the request file and the name of the CA or computer hosting a parent CA to process the request and complete the enrollment. 4.After the CA certificate has been installed, you will have to reissue all certificates that had been issued using the revoked CA certificate. Enable CryptoAPI 2.0 Diagnostics To enable CryptoAPI 2.0 Diagnostics: 1.On the computer hosting the CA, clickStart, point toAdministrative Tools, and clickEvent Viewer. 2.In the console tree, expandEvent Viewer, Applications and Services Logs, Microsoft, Windows, and CAPI2. 3.Right-clickOperational, and clickEnable Log. 4.ClickStart, point toAdministrative Tools, and clickServices. 5.Right-clickActive Directory Certificate Services, and clickRestart. 6.Scan the CAPI2 diagnostics log for information that relates to this error. |
| Reference Links | Event ID 51 from Source CertificationAuthority |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.