Sysadmins LV
Vadims Podāns
Vadims Podāns
Microsoft Most Valuable Professional: Windows PowerShell
Protected by Copyscape DMCA Takedown Notice Search Tool

Retired Microsoft Blog disclaimer

This directory is a mirror of retired "Decrypt My World" MSDN blog and is provided as is. All posting authorship and copyrights belong to respective authors.

CertEnroll::CX509Enrollment::p_CreateRequest returns error 0x800b0112

Original URL: https://blogs.msdn.microsoft.com/alejacma/2009/05/28/certenrollcx509enrollmentp_createrequest-returns-error-0x800b0112/
Post name: CertEnroll::CX509Enrollment::p_CreateRequest returns error 0x800b0112
Original author: Alejandro Campos Magencio
Posting date: 2009-05-28T05:44:00+00:00

Hi all,

One of the issues we may find when trying the code in my post How to create a certificate request that uses key archival with CertEnroll (JavaScript)is the following error when creating the request:

CertEnroll::CX509Enrollment::p_CreateRequest: A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478)

This issue can occur if the CA certificate is not in client's Enterprise NTAuth store. The local NTAuth store can be manually populated using the utility certutil.exe:

Certutil -enterprise -addstore NTAuth CaCertificate.cer

More info here:

How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store

I hope this helps.

Regards,

Alex (Alejandro Campos Magencio)

Share this article:

Comments:

Comments are closed.