You are unable to publish the Certificate Revocation List (CRL) on a computer that is running Windows Server 2003, Windows Server 2008 and Windows Server 2008 R2. At the same time, the event log is added in the application event log.
The following event is displayed in the event log of the Certificate Server:
If you enable debug logging of the certsvc service you will see that other requests are also failing and output in the certsrv.log looks similar to the below.
429.2137.0: 0x65 (WIN32/HTTP: 101)
809.78.0: 0x80072095 (WIN32: 8341)
CertSrv: Base + Delta CRL Publishing Enabled, TimeOut=0s, 0 Seconds
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
CertSrv: Published Delta CRL #2231 for key 3.0
509.4547.0: 0x800b0101 (-2146762495)
509.4547.0: 0x800b0101 (-2146762495)
509.4547.0: 0x800b0101 (-2146762495)
CertSrv: Issued CRL Exit Event
509.1623.0: 0x800704dc (WIN32: 1244)
CertSrv: Base + Delta CRL Publishing Enabled, TimeOut=86400s, 1 Days
CertSrv: CRL Publishing periodic retry, TimeOut=600s
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
509.4212.0: 0x800b0101 (-2146762495)
509.4212.0: 0x800b0101 (-2146762495)
509.4212.0: 0x800b0101 (-2146762495)
For information on how to enable debug logging see Microsoft KB Article:
The following event is displayed in the event log of the Certificate Server:
Event Type: Error
Event Source: CertSvc
Event Category: None
Event ID: 75
Date: dd/mm/yyyy
Time: hh:mm:ss
User: N/A
Computer: Server1
Description:
Certificate Services could not publish a Delta CRL for key 0 to the following location on server Server1.domain.com: ldap:///CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com. The operation being requested was not performed because the user has not been authenticated. 0x800704dc (WIN32: 1244).
dap: 0x1: 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
NOTE: The DSID may vary.
429.2137.0: 0x65 (WIN32/HTTP: 101)
809.78.0: 0x80072095 (WIN32: 8341)
CertSrv: Base + Delta CRL Publishing Enabled, TimeOut=0s, 0 Seconds
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
CertSrv: Published Delta CRL #2231 for key 3.0
509.4547.0: 0x800b0101 (-2146762495)
509.4547.0: 0x800b0101 (-2146762495)
509.4547.0: 0x800b0101 (-2146762495)
CertSrv: Issued CRL Exit Event
509.1623.0: 0x800704dc (WIN32: 1244)
CertSrv: Base + Delta CRL Publishing Enabled, TimeOut=86400s, 1 Days
CertSrv: CRL Publishing periodic retry, TimeOut=600s
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
429.2137.0: 0x1 (WIN32: 1): 000004DC: LdapErr: DSID-0C090B22, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1
509.2574.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2581.0: 0x800704dc (WIN32: 1244): CN=server1,CN=server1,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=CONTOSO,DC=com
509.2774.0: 0x800704dc (WIN32: 1244)
509.2848.0: 0x800704dc (WIN32: 1244)
509.3056.0: 0x800704dc (WIN32: 1244)
509.4212.0: 0x800b0101 (-2146762495)
509.4212.0: 0x800b0101 (-2146762495)
509.4212.0: 0x800b0101 (-2146762495)
For information on how to enable debug logging see Microsoft KB Article:
931354 Event ID 77 is logged in the Application log when the CertSvc service starts on a CA server that is running Windows Server 2003 with Service Pack 1