Wednesday, August 15, 2012

RESOLVED: Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy

I was recently engaged at a client site where we used Lync Server 2010's UI for generating a private certificate for the customer's Edge server. The request was sent to their internal PKI environment and came back with the error:

Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Certificate Services policy.

The customer's Windows certificate server used a custom template based on the default WebServer template shipped with the OS. The template "friendly name" contained spaces such as "Contoso - Web Server v2" however the "short name" removes these and is referenced as "ContosoWebServerv2".

During the certificate request process in Lync Server 2010 you can specify an alternate template to use for signing the certificate. During this process I had specified the friendly name and not the short name which resulted in the error.

Once I changed the Lync Server 2010 certificate request template name in the wizard to the short name, the CA issued the certificate just fine!

Thanks to Dev for this one!

12 comments:

  1. Thank you! You saved me many hours of work!

    ReplyDelete
  2. Great!! it works!!!

    ReplyDelete
  3. This was exactly my issue aswell!

    Danny - Israel.

    ReplyDelete
  4. Many, many thanks! I had this problem while implementing Citrix XenMobile Cert Based Auth! Alex

    ReplyDelete
  5. Thank you. this saved my a_s

    ReplyDelete
  6. Brilliant, thank you!

    ReplyDelete
  7. Thanks! Exactly what i was looking for.

    ReplyDelete
  8. You saved my day! Thank you! Rein

    ReplyDelete
  9. This saved me hours of work. Greatly appreciated, thank you!

    ReplyDelete
  10. Great! This really helped bunch of thanks for sharing.

    ReplyDelete