FIX: The request does not contain a certificate template extension or the CertificateTemplate request attribute

Scenario:

You require to generate a SSL Certificate from your enterprise CA to implement SSL communication for a web site on your Web Server.  You are running your web site under IIS on a Windows Server 2008 R2 Web server.  You have your enterprise CA hosted on Windows Server 2012 within your domain.  You create a Certificate request .Req file using “Create Certificate Request…” from IIS and use that .Req file on your CA console to submit the request using “Submit new request…” option, then your CA console reports the below mentioned error message and doesn’t generate you a certificate file.

 

Error:

—————————

Certificate Request Processor

—————————

The request contains no certificate template information. 0x80094801 (-2146875391)

Denied by Policy Module 0x80094801, The request does not contain a certificate template extension or the CertificateTemplate request attribute.

—————————

OK

—————————

 

Fix:

Generate .Req file using “Create Certificate Request…” option on your Web server IIS and copy it to your enterprise CA, say “C:\temp\UKService.mycorpsite.com.Req”.

Login to your enterprise CA as Domain Administrator and run the below command to submit your certificate request. 

C:\>certreq -submit -attrib “CertificateTemplate:WebServer” “C:\temp\UKService.mycorpsite.com.Req”

Active Directory Enrollment Policy

{F89291D1-D321-40F2-B578-6C407BDKB502}

ldap:

RequestId: 12

RequestId: “12”

Certificate retrieved(Issued) Issued

C:\>

During execution of this command you will be prompted to choose the CA as shown below:

image

Then you’ll be prompted to specify a location to save your .cer file as shown below:

image

 

Resources:

You may receive a “The request contains no certificate template information” error message when you submit a CSR to an enterprise CA by using the Certification Authority Microsoft Management Console (MMC) snap-in in Windows Server 2003

Leave a Reply

Your email address will not be published. Required fields are marked *