I was on the process of installing and configuring my Own Certificate Authority by installing the Active Directory Certificate Services. The installations were completed successfully. I tried to create a Certificate from the IIS I was facing an Exception like “Error: The revocation function was unable to check revocation because the revocation server was offline. 0x80092013 (-2146885613)”
On the Server Manager, we can see the exception as below.
I was not able to Create a certificate as well as the Renewal also not be done.
Then after googling for a while, found a useful tip regarding this. Thought of sharing this to the SharePoint Community.
Executing a simple command solves this problem.
· Open the Command Prompt as Administrator on the CA Server.
· Execute the following command.
certutil –setreg caCRLFlags +CRLF_REVCHECK_IGNORE_OFFLINE· Restart the Server.
· Try creating/Renewal the certificate.
· It should create/Renew without any issue.
Then, if you want to roll back to the previous setting,
certutil –setreg caCRLFlags -CRLF_REVCHECK_IGNORE_OFFLINE.The execution of the above command will gives the following output.
Old Value:
CRLFlags REG_DWORD = 2
CRLF_DELETE_EXPIRED_CRLS -- 2
New Value:
CRLFlags REG_DWORD = a (10)
CRLF_DELETE_EXPIRED_CRLS -- 2
CRLF_REVCHECK_IGNORE_OFFLINE -- 8
CertUtil: -setreg command completed successfully.
Happy Coding.
Sathish Nadarajan.
Leave a comment