Permission Denied During Certificate Creation (171140)



The information in this article applies to:

  • Microsoft Certificate Server 1.0
  • Microsoft Internet Information Server 3.0

This article was previously published under Q171140
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

SYMPTOMS

When you try to create a client certificate for Microsoft Internet Explorer through the Microsoft Internet Explorer Enrollment Form, you may get an error message similar to the following:
Microsoft VBScript runtime error '800a0046'
Permission denied
/CertSrv/CertEnroll/ceaccept.asp, line 10

CAUSE

The IUSR_computername account does not have access to the Certificate Server shared folder.

RESOLUTION

Give the IUSR_computername account Read access to the shared folder, and the certificates will be issued properly.

MORE INFORMATION

If the anonymous account (or logged-in user) does not have at least Read access to the Well Known Directory, the certificate generation process will fail. An error message will be returned, formatted as an HTML document.

The Well Known Directory is the name given to the shared folder required by the Certificate Server Setup program. This share contains information specific to the Self-Signed Certificate (Root CA).

Modification Type: Minor
Last Reviewed: 6/23/2005
Keywords: kberrmsg kbother kbprb KB171140