AD CS: Certificate Authority installation fails: "Provider could not perform the action since the context was acquired as silent. 0x80090022 (-2146893790)"

AD CS: Certificate Authority installation fails: "Provider could not perform the action since the context was acquired as silent. 0x80090022 (-2146893790)"

Table of Contents



Symptom



Certificate Authority installation fails: "Provider could not perform the action since the context was acquired as silent. 0x80090022 (-2146893790)"



Cause



Check the CA registry for the following value:



Key Name:          HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cryptography


Class Name:        <NO CLASS>
Last Write Time:   3/18/2011 - 5:27 AM
Value 0
  Name:            forcekeyprotection
  Type:            REG_DWORD
  Data:            0x2




This registry value likely comes from the following Group Policy or local policy setting:



Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\



System cryptography: Force strong key protection for user keys stored on the computer





Resolution





This value should not be set on a Microsoft CA since, by default, administrator intervention when accessing the CA's private key is disabled.



You should either edit Group Policy, local policy, or the registry so that this value is not set on the CA.

Leave a Comment
  • Please add 2 and 3 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
Page 1 of 1 (2 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Maheshkumar S Tiwari edited Original. Comment: Added TOC and formatting

  • Maheshkumar S Tiwari edited Revision 1. Comment: Added Tag and minor edit

Page 1 of 1 (2 items)