Automatic Certificate Request for Internet Protocol Security May Not Distribute Certificate (298489)
The information in this article applies to:
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Enterprise Edition
This article was previously published under Q298489 SYMPTOMS
After you create an automatic certificate request Group Policy for Internet Protocol security (IPSec), computers may not receive an IPSec certificate, even though the policy has been applied.
CAUSE
This issue can occur if a corresponding IPSec certificate template has not been created at the enterprise certification authority (CA).
RESOLUTION
To resolve this issue, create an IPSec certificate template at the enterprise CA:
- Start the Certification Authority Microsoft Management Console (MMC) snap-in that is located in the Administration Tools folder on the enterprise CA.
- Right-click Certificate Templates, and then New - Certificate Template to Issue.
- Click the IPSEC template, and then click OK.
NOTE: Computers do not receive the IPSec certificate until the next Group Policy refresh interval. To force an immediate policy refresh, you can use the gpupdate command.
STATUSThis behavior is by design.
| Modification Type: | Major | Last Reviewed: | 6/4/2003 |
|---|
| Keywords: | kbenv kbnetwork kbprb KB298489 |
|---|
|