Microsoft Certificate Authority (CA) won’t start

Sometimes strange things can happen in an IT environment.

For example, you want to (re)start your CA and you get the message:

Or maybe you get:

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate: LAB-CA Object was not found. 0x80090011 (-2146893807)

Well, what’s next? New CA?

The problem here is that the private key for the CA certificate is gone (deleted) or corrupted!

So, grab your backup (you do make backups, do you?!)

The private key is stored in:

%systemdrive%\ProgramData\Microsoft\Crypto\Keys

Restore the key(s) and you will have a happy CA again!

Happy certificate issuing!

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.