This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 17%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECG%3C/text%3E%3C/svg%3E)
Hello, I am surprised to suddenly see the following event id 53. I saw the first event 2 days ago
Active Directory Certificate Services denied request 25 because The certificate template renewal period is longer than the certificate validity period. The template should be reconfigured or the CA certificate renewed. 0x80094814 (-2146875372 CERTSRV_E_CERT_TYPE_OVERLAP). The request was for CN=<server>. Additional information: Denied by Policy Module Renewing a certificate with the DomainController Certificate Template failed because the renewal overlap period is longer than the certificate validity period.
In the Certificate Authority Console, the Failed requests show "Denied by Policy Module Renewing a certificate with the DomainController Template failed because the renewal overlap.......
Is the following article the solution?
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2003/cc780374(v=ws.10)
Don't I have experienced this before.
Thank you
Yes, referenced link is the right solution and you have to renew your CA certificate.
I attempted to renew the cert without an error. But I do not see the cert with a later expiration date under Issued Certificates. How can I tell if the cert is renewed? Thank you
It won't show in issued certificates, because it isn't really issued, it is self-generated. In CA MMC (certsrv.msc), select CA node, right-click and select Properties. There you will see new incremented certificate. General tab lists all previous CA certificates.