Additional Key Usage extensions required during certificate approval
Originally Published: 2004-01-13
Article Number
Applies To
Microsoft Windows 2000 Server
Sun Solaris
Issue
When selecting Key Usage extensions during certificate approval, the CA requires at least one of the options to be manually ticked before allowing the certificate to be issued (other than those ticked and grayed out because they are compulsory key usages). For example, in a MS Domain Controller cert profile, Digital Signature and Key Encipherment are compulsory key usages. Hence, during approval, these options will be displayed as ticked and uneditable. However, KCA 6.5.1 requires at least one of the other options to be ticked before allowing the certificate to be issued, even though those key usages are not needed.
Resolution
Related Articles
Authentication error occurs when additional authentication is required for RSA SecurID Access application portal or a prot… Number of Views Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … Number of Views Root CA certificate is required for activation error when importing a custom certificate signed by a known CA into Operati… Number of Views IMG - How to add additional options to approvals/fulfillments Number of Views Mandatory Update: DigiCert Certificate Configuration for RSA Prime (Required by October 06, 2025 for Cloud Access Service … Number of Views
Trending Articles
How to download and install the AFX Server Archive in RSA Identity Governance & Lifecycle RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover… Downloading RSA Authentication Manager license files or RSA Software token seed records Troubleshooting RSA MFA Agent for Microsoft Windows
Don't see what you're looking for?
