AD RMS set up error: failed to generate an enrollee certificate public key

  • Question

  • I am setting up AD RMS and encountered this error: AD RMS set up failed to generate an enrollee certificate public key.  I use SafeNet Luna SA HSM, FQDN and public root issued SSL cert for web service.  This AD RMS is for internal use only.

    Your help is much appreciated.  Thanks.

    error screenshot

    Tuesday, September 29, 2015 6:16 PM

All replies

  • To install the AD RMS cluster, you use a Secure Sockets Layer (SSL) certificate. This certificate should be issued from a trusted root certification authority. Verify that this certificate is imported into the Personal store on the local computer and that it's valid. It should be for server and client authentication.

    From the IIS Manager console, select your Web server in the console tree, then click Server Certificates to open and select the SSL certificate for that server. Once you have located the SSL certificate in the list, double-click it to view its properties. To view the certificate hierarchy, click the Certification Path tab and then click each certificate in the hierarchy to ensure that the status on each is OK.

    You can also refer to the links below:

    https://technet.microsoft.com/en-us/library/dd772659%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396

    http://social.technet.microsoft.com/wiki/contents/articles/13130.ad-rms-troubleshooting-guide.aspx


    Mai Ali | My blog: Technical | Twitter: Mai Ali

    Tuesday, September 29, 2015 7:20 PM
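
The certificate checks described in the reply above can also be run from PowerShell on the AD RMS server. This is an added example, not part of the original thread; it assumes the SSL certificate sits in the local computer's Personal store (`Cert:\LocalMachine\My`) and reports the validity period, the Server/Client Authentication EKUs and the status of each certificate in the chain.

```powershell
# Added example: inspect every certificate in the local computer's Personal store.
$serverAuthOid = '1.3.6.1.5.5.7.3.1'   # Server Authentication EKU
$clientAuthOid = '1.3.6.1.5.5.7.3.2'   # Client Authentication EKU
$now = Get-Date

Get-ChildItem -Path Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_

    # Collect the EKU OIDs. A certificate without an EKU extension is not
    # restricted to any purpose, so it is reported as usable for both.
    $ekuExt = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]
    }
    $ekus = @()
    if ($ekuExt) {
        $ekus = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })
    }

    # Build the chain with the default policy (same trust stores the
    # Certification Path tab uses) and collect any per-certificate problems.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chainOk = $chain.Build($cert)
    $problems = foreach ($element in $chain.ChainElements) {
        foreach ($status in $element.ChainElementStatus) {
            '{0}: {1}' -f $element.Certificate.Subject, $status.Status
        }
    }

    [pscustomobject]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotBefore     = $cert.NotBefore
        NotAfter      = $cert.NotAfter
        InValidity    = ($cert.NotBefore -le $now -and $now -le $cert.NotAfter)
        HasPrivateKey = $cert.HasPrivateKey
        ServerAuth    = (-not $ekuExt) -or ($ekus -contains $serverAuthOid)
        ClientAuth    = (-not $ekuExt) -or ($ekus -contains $clientAuthOid)
        ChainOk       = $chainOk
        ChainProblems = ($problems -join '; ')
    }

    $chain.Reset()
} | Format-List
```

A usable SSL certificate shows `InValidity`, `HasPrivateKey`, `ServerAuth`, `ClientAuth` and `ChainOk` all as `True` with an empty `ChainProblems`; run it in an elevated session so the local machine store is fully readable.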