none
An error occurred in the secure channel support 0x80072f7d - Win 10 1803 request certificate from 2012 R2 CA

    Question

  • Windows 10 17134.48 Pro Education client domain joined (client certificates issued OK)

    Trying to obtain Remote Desktop certificate (from template that works fine)

    I get the error

    Service is working fine & I get (expected)

    401 - Unauthorized: Access is denied due to invalid credentials.

    if I try to access it from browser session

    Any idea what that is?

    I already used IIS Crypto 2 for Best Practices (on both client and server)

    Seb

    Thursday, May 17, 2018 2:05 PM

All replies

  • All my other clients (various versions of Server 2012 R2/2016) have no problems

    Nice discussion of this error - here

    Still no idea how any of that "helps" me

    Thursday, May 17, 2018 7:39 PM
  • Day later I have another error on the same box.

    This time

    And also trying from Powershell (as per last post in this thread)

    Get-Certificate -Template "Remote Desktop Authentication" -DnsName testdns.domain.com -url 'https:/<CAserver>/ADPolicyProvider_CEP_Kerbos/service.svc/CEP' -CertStoreLocation cert:\localmachine\my
    Get-Certificate : CX509EnrollmentPolicyWebService::LoadPolicy: The specified module could not be found. 0x8007007e
    (WIN32/HTTP: 126 ERROR_MOD_NOT_FOUND)
    At line:1 char:1
    + Get-Certificate -Template "Remote Desktop Authentication" -DnsName se ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [Get-Certificate], Exception
        + FullyQualifiedErrorId : System.Exception,Microsoft.CertificateServices.Commands.GetCertificateCommand

    Friday, May 18, 2018 8:59 AM
  • In the end I used IE accessing MS CA Web enrollment page and certificate got issued with no problem

    Did 1803 buggered something in GUI/PS ?

    Seb

    Friday, May 18, 2018 9:26 AM