IdM CA certificate renewal failed with external Active Directory CA
Issue
- Renewing an IdM CA certificate signed by Windows AD CA fails with this error:
Certificate Request Processor
The requested certificate template is not supported by this CA.
0x80094800 (-2146875392) CERTSRV_E_UNSUPPORTED_CERT_TYPE)
Denied by Policy Module 0x80094800, The request was for a certificate
template that is not supported by the Active Directory Certificate
Services policy: ipaCSRExport
Environment
- Red Hat Enterprise Linux
- Identity-Management with externally signed CA
- The issue affects only CA certificate renewals signed by Microsoft AD CA
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
