Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: certificateenroll
certificateenroll Author
User level: Level 1
8 points

MSCA - RPC - Key Archival Support

Dear Apple Community


According to this article How to request a certificate from a Microsoft Certificate Authority using DCE/RPC and the Active Directory Certificate p… it is possible to enroll certificates to a OSX Endpoint if they are domain joint.


My Question: Is Key Archival Supported?


So if "Archive subject's encryption private key" is set in the template will OSX do the private key exchange?

User uploaded file


Thank you

MacBook Air, OS X El Capitan (10.11)

Posted on Nov 14, 2016 10:21 AM

Reply
1 reply
User profile for user: jean-charlesp
jean-charlesp
User level: Level 1
4 points

Nov 2, 2017 2:08 AM in response to certificateenroll

Hello certificateenroll,


Did you have an answer to this request ?

I have the same issue and find no answer for this.


On my Certificate Authority, i have the following error when I activated the certificate archivage :

"A private key requested for archiving by the server is missing in the request. 0x80094804 (-2146875388 CERTSRV_E_ARCHIVED_KEY_REQUIRED) - Refused by the strategy module."


FYI : This works for Windows clients. And when I desactivate the certificate archivage, I don't have any error and Mac Os Client receive certificate.


Best Regards,

Jean-Charles

Reply

MSCA - RPC - Key Archival Support

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up