Trouble shooting windows certificate problems.

最新推荐文章于 2023-04-12 10:29:40 发布
最新推荐文章于 2023-04-12 10:29:40 发布
阅读量1.9k 收藏
点赞数
分类专栏: 密码学 .NET 文章标签: windows exchange exception permissions microsoft warnings
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/realduke2000/article/details/7886105
版权

A simple way to to enable CAPI2 LOG at eventvwr -> applications and services log -> microsoft -> windows -> CAPI2 ->  operational.

Such like this, I encounter this problem, obviously it's a certificate issue, UnsupportedCryptographicSetException, who TMD knows what you(WIN8) are supporting and what features you have cut. 

While I'm boring with this, I found this article and enabled CAPI2 logs, then the original problem was exposed, so I can fix it right now.


Error:

========

Results : Checking Exchange Server ...

              - PASS: Exchange Server is running in Enterprise.
          Loading IRM configuration ...
              - PASS: IRM configuration loaded successfully.
          Retrieving RMS Certification Uri ...
              - PASS: RMS Certification Uri: https://exhv-1107/_wmcs/certification.
          Verifying RMS version for https://exhv-1107/_wmcs/certification ...
              - PASS: RMS Version verified successfully.
          Retrieving RMS Publishing Uri ...
              - PASS: RMS Publishing Uri: https://exhv-1107dom.extest.microsoft.com/_wmcs/licensing.
          Acquiring Rights Account Certificate (RAC) and Client Licensor Certificate (CLC) ...
              - WARNING: Failed to acquire a Rights Account Certificate (RAC) and/or a Client Licensor Certificate
          (CLC). This failure may cause features such as Transport Decryption, Transport Protection Rules, Journal
          Report Decryption, IRM in Outlook Web App, IRM in Exchange ActiveSync, and IRM Search to not work. Make sure
          that the Exchange Servers Group is granted "Read" and "Read & Execute" rights on the
          ServerCertification.asmx and Publish.asmx pipelines on your AD RMS server. For details, see "Set Permissions
          on the AD RMS Certification Pipeline" at  http://go.microsoft.com/fwlink/?LinkId=186951.
          ----------------------------------------
          Microsoft.Exchange.Security.RightsManagement.RightsManagementException: Failed to acquire server box RAC
          from https://exhv-1107/_wmcs/certification/servercertification.asmx. --->
          System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: Exception of type
          'System.Web.Services.Protocols.SoapException' was thrown. --->
          Microsoft.DigitalRightsManagement.Cryptography.UnsupportedCryptographicSetException: Exception of type
          'Microsoft.DigitalRightsManagement.Cryptography.UnsupportedCryptographicSetException' was thrown.
             --- End of inner exception stack trace ---
             at Microsoft.DigitalRightsManagement.Certification.BaseCertificationWebService.Certify(CAType caType,
          CertifyParams requestParameters)
             at Microsoft.DigitalRightsManagement.Certification.ServerCertificationWebService.Certify(CertifyParams
          requestParams)
             at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message,
          WebResponse response, Stream responseStream, Boolean asyncCall)
             at System.Web.Services.Protocols.SoapHttpClientProtocol.EndInvoke(IAsyncResult asyncResult)
             at Microsoft.Exchange.Net.WsAsyncProxyWrapper.EndInvoke(IAsyncResult result)
             at Microsoft.Exchange.Security.RightsManagement.SOAP.ServerCertification.ServerCertificationWS.EndCertify(
          IAsyncResult asyncResult)
             at Microsoft.Exchange.Security.RightsManagement.ServerCertificationWSManager.EndAcquireRac(IAsyncResult
          asyncResult)
             --- End of inner exception stack trace ---
             at Microsoft.Exchange.Data.Storage.RightsManagement.RmsClientManager.EndAcquireInternalOrganizationRACAndC
          LC(IAsyncResult asyncResult) in
          \\EXSRC\SOURCES\ALL\14.03.0082.000\sources\dev\data\src\storage\rightsmanagement\RmsClientManager.cs:line
          2896
             at
          Microsoft.Exchange.Data.Storage.RightsManagement.RmsClientManager.EndAcquireTenantLicenses(IAsyncResult
          asyncResult) in
          \\EXSRC\SOURCES\ALL\14.03.0082.000\sources\dev\data\src\storage\rightsmanagement\RmsClientManager.cs:line
          1007
             at Microsoft.Exchange.Data.Storage.RightsManagement.RmsClientManager.AcquireTenantLicenses(RmsClientManage
          rContext context, Uri licenseUri) in
          \\EXSRC\SOURCES\ALL\14.03.0082.000\sources\dev\data\src\storage\rightsmanagement\RmsClientManager.cs:line 964
             at Microsoft.Exchange.Management.RightsManagement.IRMConfigurationValidator.TryGetRacAndClc() in \\EXSRC\S
          OURCES\ALL\14.03.0082.000\sources\dev\Management\src\Management\rms\IRMConfigurationValidator.cs:line 355
          ----------------------------------------


          OVERALL RESULT: PASS with warnings on disabled features


EventLog:
=============

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-CAPI2" Guid="{5bbca4a8-b209-48dc-a8c7-b23d3e5216fb}" /> 
  <EventID>30</EventID> 
  <Version>0</Version> 
  <Level>2</Level> 
  <Task>30</Task> 
  <Opcode>0</Opcode> 
  <Keywords>0x4000000000000001</Keywords> 
  <TimeCreated SystemTime="2012-08-20T05:12:59.990288400Z" /> 
  <EventRecordID>441</EventRecordID> 
  <Correlation /> 
  <Execution ProcessID="7608" ThreadID="2920" /> 
  <Channel>Microsoft-Windows-CAPI2/Operational</Channel> 
  <Computer>EXHV-1107.EXHV-1107dom.extest.microsoft.com</Computer> 
  <Security UserID="S-1-5-18" /> 
  </System>
- <UserData>
- <CertVerifyCertificateChainPolicy>
  <Policy type="CERT_CHAIN_POLICY_SSL" constant="4" /> 
  <Certificate fileRef="3131F84A08AE532FCFEFBD897DE256D741A9B4FE.cer" subjectName="EXHV-1107" /> 
  <CertificateChain chainRef="{62CD22FC-52E2-4318-A559-B956636D3922}" /> 
  <Flags value="0" /> 
- <SSLAdditionalPolicyInfo authType="server" serverName="exhv-1107dom.extest.microsoft.com">
  <IgnoreFlags value="0" /> 
  </SSLAdditionalPolicyInfo>
  <Status chainIndex="0" elementIndex="0" /> 
  <EventAuxInfo ProcessName="w3wp.exe" /> 
  <CorrelationAuxInfo TaskId="{69EA1F92-583C-4101-8C71-95FD2A22F8BD}" SeqNumber="1" /> 
  <Result value="800B010F">The certificate's CN name does not match the passed value.</Result> 
  </CertVerifyCertificateChainPolicy>
  </UserData>
  </Event>


How to troubleshoot Certificate Enrollment in the MMC Certificate Snap-in

http://blogs.technet.com/b/askds/archive/2007/11/06/how-to-troubleshoot-certificate-enrollment-in-the-mmc-certificate-snap-in.aspx

realduke2000
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
计算机主机名无效,证书中的主机名无效 - R.(The host name in the certificate is invalid - R)...
weixin_28622215的博客
06-20 2267
证书中的主机名无效 - R.(The host name in the certificate is invalid - R)在过去的四个月里,我从劳工部下载zip文件没有任何问题。 但是,昨晚,当我去下载数据时,收到以下错误消息:“证书中的主机名无效或不匹配”。 我今天早上尝试了几种不同的故障排除解决方案,包括更改我的默认broswer,但似乎没有任何效果。 我还在不同的WIFI站尝试了两台不同...
newsgroup_txt
weixin_44714173的博客
07-29 2万+
Why is the mirror of journey to the West useless to monkey king? |||0 First couplet: one night spring breeze to go, how to the second couplet? |||0 What do relatives say makes you most disgusted? |||0 The second couplet: three mountains and five mountains
pytorch中SGD/Momentum/RMSprop/Adam优化器的简单比较
Troublemaker丶的博客
03-30 3943
SGD是比较普通的优化器(其实SDG也挺好的) Momentum是SGD的升级版,代码里可看到和SGD用的也是同一个函数,只是加了动量 RMSprop是Momentum的升级版 Adam是RMSprop的升级版 设置超参,准备数据 利用之前的回归来实现 # 超参数 LR = 0.01 batch_size = 10 epoches = 3 torch.manual_seed(15) # 准备...
Tomcat配置、管理和问题解决 | Tomcat Configuration, Manangement and Trouble Shooting
weixin_30472035的博客
08-03 2706
Tomcat配置、管理和调优 Tomcat知识 关于tomcat AJP 由于tomcat的html和图片解析功能相对其他服务器如apche等较弱,所以,一般都是集成起来使用,只有jsp和servlet服务交由 tomcat处理,而tomcat和其他服务器的集成,就是通过ajp协议来完成的。AJP协议AJP13是定向包协议。因为性能原因,使用二进制格式来 传输可读性文本。 Tomcat开发...
【英文文档】Solidifier for Windows Installation Guide
weixin_30432179的博客
03-19 8512
Page 1Solidifier for Windows Installation Guide Page 2McAfee, Inc.McAfee® Solidifier for Windows Installation GuideEnd User License AgreementBY DOWNLOADING, INSTALLING, COPYING, ACCESSING, OR USING...
驯服三头野兽:了解Kerberos以对Hadoop安全性进行故障排除
weixin_26722031的博客
07-30 908
Three years ago, I was tasked with migrating the data analysis stack of a company with millions of daily active users from its traditional SQL-based infrastructure to Apache Hadoop. Back then, I consi...
英语每日小记
热门推荐
sulia1234567890的博客
04-12 7万+
英语
Self-introduction:)
想像五年后的我-lvltt的专栏
06-22 3402
Self-introduction:)          Hi,this is lvl,i graduate from zhengzhou university and major in Computer Science Engineering.During my college life,i have earned straight good grades in many classes and
【转载】RFC5952 IPv6地址文本格式的建议规范
木木与呆呆的专栏
08-18 584
Internet Engineering Task Force (IETF) S. Kawamura Request for Comments: 5952 NEC BIGLOBE, Ltd. Updates: 4291 ...
西门子双源CT维修手册Gantry Trouble Shooting Guide.pdf
06-16
西门子双源CT维修手册是西门子公司为其SOMATOM Definition双源CT扫描仪所提供的官方技术文档,用于指导技术人员对CT设备的机架部分进行故障排查。这份手册是专为授权人员使用,涵盖了安全信息、操作指南、故障排除...
Akamai Techincal Trouble Shooting Sharing copy.pdf
04-28
### Akamai技术故障排查详解 #### 一、引言 Akamai Technologies是一家全球领先的云服务提供商,致力于提供高效、可靠且安全的内容分发网络(CDN)服务。Akamai的技术支持工程师们经常面临各种各样的技术问题,本...
优秀免费的桌面截图工具 Bug Shooting 2.17.2.849 中文版.zip
05-25
Bug Shooting 中文版一款来自国外的免费截图软件,它不仅支持各种截图,并且还支持简单的图片编辑,可以添加文字、箭头以及各种效果。支持中文界面。Bug Shooting 支持快捷键的截图工具和大多同类软件类似,Bug ...
RS485_Trouble_Shooting.zip_RS485 modbus_Trouble_modbus rs485
09-21
标题中的“RS485_Trouble_Shooting.zip”表明这是一个关于RS485通信协议故障排查的压缩文件,而“RS485 modbus_Trouble_modbus rs485”进一步指出了主题涉及RS485接口下的Modbus通信问题。描述中的“Modbus ...
Shooting method matlab代码.zip
最新发布
04-20
1.版本:matlab2014/2019a,内含运行结果,不会运行可私信 2.领域:智能优化算法、神经网络预测、信号处理、元胞自动机、图像处理、路径规划、无人机等多种领域的Matlab仿真,更多内容可点击博主头像 ...
接口和继承的区别
realduke2000的专栏
03-11 5914
当使用继承的时候,主要是为了不必重新开发,并且在不必了解实现细节的情况下拥有了父类我所需要的特征。 但是很多时候,一个子类并不需要父类的所有特征,它可能只是需要其中的某些特征,但是由于通过继承,父类所有的特征都有了,需要的和不需要的特征同时具备了。而那些子类实际上不需要用到的,有时候甚至是极力避免使用的特征也可以随便使用,这就是继承的副作用。特别是允许多重继承的OO语言中,很容易引起不容易发现的错
如何寻找已注册dll的路径
realduke2000的专栏
07-16 4320
 在HKEY_LOCAL_MACHINE/SOFTWARE/MICROSOFT/WINDOWS/CURRENTVERSION/ShareedDlls   中存放所有注册过的dll的属性,其中VALUE NAME 为该dll的路径,value data表明当前有几个进程在访问、使用这个dll。所以可以在程序中顺序访问该文件夹下的所有dll找到你需要的,提取出它的路径。
关于C#静态构造方法的几点说明
realduke2000的专栏
01-09 3613
 静态构造函数是C#的一个新特性,其实好像很少用到。不过当我们想初始化一些静态变量的时候就需要用到它了。这个构造函数是属于类的,而不是属于哪里实例的,就是说这个构造函数只会被执行一次。也就是在创建第一个实例或引用任何静态成员之前,由.NET自动调用。    class SimpleClass { // Static constructor static SimpleClass() { // } }
XmlTextReader and XmlException: Root element is missing
realduke2000的专栏
05-14 2399
<br />http://edwardweinert.com/programming/xmltextreader-and-xmlexception-root-element-is-missing/<br /> <br /><br />During my work with XML in .NET I ran across strange behavior of passing stream into a XmlTextReader object. When I tried to read a stream
解决Windows 10故障排查指南
"Windows 10 Troubleshooting 是一本由Mike Halsey编写的英文PDF电子书,专门针对Windows 10操作系统中的故障排查问题。作者Mike Halsey是Microsoft MVP(最有价值专家),他在英国南约克郡谢菲尔德的格里德利斯谷有...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值