Cannot import certificate with certutil “The requested operation is not supported”

There is a known issue with certificates which are one created with provider “Microsoft RSA SChannel Cryptographic Provider” which is decribed in this Blog. OWA and ECP are looping on FBA logon page.

Recently I had an issue implementing the solution :

certutil -csp “Microsoft RSA SChannel Cryptographic Provider” -importpfx <CertificateFilename>

On one maschine this Command is trowing exeption:

CertUtil: -importPFX command FAILED 0x80090029 (-2146893783 NTE_NOT_SUPPORTED)

CertUtil: The requested operation is not supported.

error

Cauise for this issue was that there was addidional permission for System on follwong folder: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys.

opa

After  removing the permissions the issue no longer exists and the certificate can be imported and OWA is not looping anymore.

 

 

 

 

 

 

Advertisements

One thought on “Cannot import certificate with certutil “The requested operation is not supported”

  1. I was having issues with SCOM not being able to use a certificate I created for a workgroup computer. It kept changing the keyspec to 0 and using the wrong provider. We finally found additional entries for security to this folder. we removed them and it worked as expected. All the keys that were placed in this folder while the extra permissions were in place have corrupt security, no user or group has permissions to this object.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s