214 Cannot find the certificate for %1 to build a certificate chain. Do you wish to install this certificate now?
215 Cannot verify certificate chain. Do you wish to ignore the error and continue?
216 An error occurred retrieving the pending certificate\nfrom %1:
217 Get Server CA Name
218 Select CA
230 Save certificate and Keys
231 Retrieve Certificate
232 Finish Suspended Setup
233 The certificate is not a CA certificate.
234 Setup complete
235 Retrieve Pending Certificate
236 Key Index
237 Load Old Certificate
238 Clone Root Certificate
239 Build Request
240 Renew CA -- reuse keys
241 Install CA Certificate
242 Renew CA -- new keys
243 Build CA Certificate
244 Save Chain and Keys
245 If you want to send the request to an offline CA, click Cancel and send the request file at %1 to your parent CA.
246 Create DS CDP object
247 Create DS enrollment services object
248 Create DS Root Trust
249 Publish CA in DS
250 Submit Request
251 An error occurred when creating the new key container "%1". Please make sure the CSP is installed correctly or select another CSP.\n
252 The Certification Authority certificate has a bad length:
253 The new Certification Authority certificate cannot be installed because the CA Version extension is incorrect. The most recently generated request file should be used to obtain the new certificate: %1
254 The root certificate is untrusted. Do you wish to trust the root certificate on this machine and complete the installation?
255 Cannot add the Certification Authority certificate to the certificate store:
256 Cannot create a certificate context using the Certification Authority certificate:
257 Unreferenced INF sections
258 Set Security
259 Cannot create file %1:
260 The existing private key "%1" cannot be deleted. Either reuse this key, or use a different name for the CA.\n
261 Cannot encode key attributes:
262 Cannot encode certificate:
263 The %SystemRoot% environment variable is not set.
264 This key storage device is full and the new key "%1" could not be added. Go back and pick an existing key, or use a different key storage device.\n
265 An error occurred when generating key "%1" for the Active Directory Certificate Services service. Either the CSP configuration is not complete or the key length is not supported. Please make sure the CSP is installed correctly or select another CSP.\n
266 Cannot determine the computer name:
267 An error occurred when setting the security access on the private key "%1", or the CSP selected does not support setting security access on private keys. Please make sure the CSP is installed correctly or select another CSP.\n
268 Cannot decode Certification Authority name information:
269 The parent CA has denied your request because you are not a domain administrator. (%1)\nTo obtain the certificate for your CA, you must request the certificate as a domain administrator. You can install the certificate using the Certification Authority snap-in.
270 The new certificate subject Common Name does not match the active CA name:
271 Generate Keys
272 An error was detected while configuring Active Directory Certificate Services.\nThe Active Directory Certificate Services Setup Wizard will need to be rerun to complete the configuration.\n
273 The parent CA has denied your request for a CA certificate. Please contact the parent CA administrator.\n(%1)
274 An error occurred when the parent CA processed this CA certificate request. Please contact the parent CA administrator.\n(%1)
275 This CA certificate request did not complete. Please contact the parent CA administrator.\n(%1)
276 This CA certificate will be issued administratively. Please contact the parent CA administrator.\n(%1)
277 This CA certificate request is in the pending state. Please contact the parent CA administrator.\n(%1)
278 This CA certificate was revoked by the parent CA. Please contact the parent CA administrator.\n(%1)
279 Cannot set the key provider information for the certificate context:
280 Cannot submit the certificate request to the specified CA. Please ensure that the CA information is correct and that the CA is online. Note: only CAs running the Microsoft Active Directory Certificate Services are supported.\n
281 Cannot submit the certificate request to the specified CA. (%1)\nTo obtain the certificate for your CA, you can install the certificate using the Certification Authority snap-in.
282 The new certificate subject name does not exactly match the active CA name.\nRenew with a new key to allow minor subject name changes:
283 The new certificate public key does not match the current outstanding request.\nThe wrong request may have been used to generate the new certificate:
284 Find certificate for %1
285 Cannot write the Certification Authority certificate to file "%1":
286 Cannot write to file %1:
287 INF file error
288 Set Key Security
289 Parent CA =
290 Request ID =
291 Microsoft Active Directory Certificate Services
292 Set Directory Security
299 An error occurred when creating the new key container "%1". You do not have write access permission to the key container. Please use a different CA name.\n
301 Dump configuration information or files
302 Get default configuration string
303 Get default configuration string via ICertGetConfig
304 CA Version
305 Decode hexadecimal-encoded file
306 Decode Base64-encoded file
307 Encode file to Base64
308 Deny pending request
309 Resubmit pending request
310 Revoke Certificate
311 Publish new CRLs [or delta CRLs only]
312 Get CRL
313 Display current certificate disposition
314 Set attributes for pending request
315 Set extension for pending request
316 Retrieve the CA's certificate
317 Retrieve the CA's certificate chain
318 UserKeyAndCertFile [CertId]
319 Import user keys and certificates into server database for key archival
357 ObjectId -- ObjectId to display or to add display name\nGroupId -- decimal GroupId number for ObjectIds to enumerate\nAlgId -- hexadecimal AlgId for ObjectId to look up\nAlgorithmName -- Algorithm Name for ObjectId to look up\nDisplayName -- Display Name to store in DS\n%1 -- delete display name\nLanguageId -- Language Id (defaults to current: %2)\nType -- DS object type to create: 1 for Template (default),\n 2 for Issuance Policy, 3 for Application Policy\nUse %3 to create DS object.
358 -- Indexed
359 Input Length = %d
360 No Key Authority serial number
361 Output Length = %d
362 DecodeFile returned %ws
363 EncodeToFile returned %ws
364 Issuer
365 Subject
366 ERROR: CA Issuer name does not match Key Authority name (%x)
367 CA Issuer name matches Key Authority name
368 No Key Authority name
369 ERROR: Issuer serial number does not match Key Authority
370 Issuer serial number matches Key Authority
371 Issuer Name
372 KeyAuthority Name
373 KeyId:
374 Key Authority SerialNumber:
375 CA Serial Number:
376 Process:
377 [DomainDN | -]
378 LoadKeys returned %ws
379 LoadCert(CA) returned %ws
380 ERROR: Certificate public key does NOT match stored keyset
381 Container Public Key:
382 Certificate Public Key:
383 Key "%ws" verifies as the public key for Certificate "%ws"
384 Key "%ws" does NOT verify as the public key for Certificate "%ws"
385 Leaf certificate is REVOKED (Reason=%x)
386 ERROR: Verifying leaf certificate revocation status returned %ws
387 Cannot check leaf certificate revocation status
388 Leaf certificate revocation check passed
389 LoadCert(Cert) returned %ws
390 LoadCert(CA) returned %ws
391 Cert
392 Issuing CA Cert
393 Cert Serial Number:
394 Issuing CA Cert Serial Number:
395 Issuing CA is not a root: Subject name does not match Issuer
396 ERROR: Issuing CA Subject name does not match Cert Issuer
431 Certificate has not been issued: Disposition: %d -- %ws
432 Certificate disposition for "%ws" is invalid
433 Certificate disposition for "%ws" is valid
434 Certificate disposition for "%ws" is revoked (%ws)
435 Date
436 Long
437 String
438 Binary
439 Schema:
440 Row %u:
441 Opening Database %ws
442 EMPTY
443 error = %ws
444 ,
445 Any Format
446 PKCS10
447 KeyGen Tag
448 PKCS7
449 Unknown
450 Force Teletex
451 Renewal
452 Critical
453 Disabled
454 PolicyFlags=%x
455 Request
456 Policy
457 Admin
458 Server
459 UNKNOWN
460 Origin=%ws
461 ???=%x
462 Get configuration via ICertConfig
463 Request Properties:
464 Certificate Properties:
465 Command Line
466 Sanitized Name:
467 %ws: Flags = %x%ws, Length = %x
468 Expected at least %u args, received %u
469 Expected no more than %u args, received %u
470 No active Certification Authorities found: %ws
471 %ws: -%ws command FAILED: %ws
472 ???
473 None
474 Other
475 Issuer
476 IssuerRDN
477 IssuerRDNAttribute
478 IssuerRDNString
479 Subject
480 SubjectRDN
481 SubjectRDNAttribute
482 SubjectRDNString
483 Extensions
484 ExtensionArray
485 Extension
486 ExtensionValue
487 ExtensionValueRaw
488 No key provider information
489 Dump Certificate View
490 %ws added to DS store.
491 Ping Active Directory Certificate Services Request interface
492 Ping Active Directory Certificate Services Admin interface
493 Name:
494 Organizational Unit:
495 Organization:
496 Locality:
497 State:
498 Country/region:
499 Config:
500 Exchange Certificate:
501 Signature Certificate:
502 Description:
503 Server:
504 Authority:
505 Entry
506 Certificate Extensions:
507 Request Attributes:
508 Shutdown Active Directory Certificate Services
509 Command Status
510 Dump Certificate Schema
511 Command Succeeded
512 Password
513 X509 Certificate:
514 X509 Certificate Revocation List:
515 PKCS10 Certificate Request:
516 KeyGen Certificate Request:
517 Version: %u
518 Serial Number:
519 Signature Algorithm:
520 Public Key Algorithm:
521 Issuer Unique Id:
522 Subject Unique Id:
523 NotBefore:
524 NotAfter:
525 ThisUpdate:
526 NextUpdate:
527 Revocation Date:
528 Extensions:
529 CRL Extensions:
530 PKCS7 Message:
531 Possible Root Certificate: Subject matches Issuer, but Signature check fails: %x
532 Non-root Certificate
533 Root Certificate: Subject matches Issuer
534 Non-root Certificate uses same Public Key as Issuer
535 Revoking "%ws"
536 Enter PFX password:
537 Unknown Extension type
538 Private Key:
539 Length
540 Display times as GMT
541 GMT
542 BackupDirectory
543 Backup Active Directory Certificate Services certificate and private key
544 BackupDirectory | PFXFile
545 Restore Active Directory Certificate Services certificate and private key
546 [CertificateStoreName [CertId [OutputFile]]]
547 Dump certificate store
548 ProviderType = %x
549 Key Container = %ws
550 Provider = %ws
551 KeySpec = %x
552 Flags = %x
553 Restored keys and certificates for %ws\%ws from %ws.
554 Backed up keys and certificates for %ws\%ws to %ws.
555 [CACertFile]
556 Install Certification Authority certificate
557 PKCS7 Message Content:
558 Authenticated Attributes
559 Signing Certificate Index
560 ================ Begin Nesting Level %d ================
561 ---------------- End Nesting Level %d ----------------
562 %ws: Lang %08x (%u.%u)
563 File %u.%u:%u.%u
564 Product %u.%u:%u.%u\n
565 No Signer
566 No PKCS7 Message Content
567 No Certificates
568 No CRLs
569 Certificates:
570 CRLs:
571 Renewal Certificate:
572 Encrypted Hash:
573 %d attributes:
574 Attribute
575 Value[%d][%d]:
576 BackupDirectory [%1] [%2]
577 Backup Active Directory Certificate Services database
578 BackupDirectory
579 Restore Active Directory Certificate Services database
580 Reason: Unspecified
581 Reason: Key Compromise
582 Reason: CA Compromise
583 Reason: Affiliation Changed
584 Reason: Superseded
585 Reason: Cessation of Operation
586 Reason: Certificate Hold
587 Reason: Remove From CRL
588 List CSPs installed on this machine
589 Test CSPs installed on this machine
590 [Algorithm]
591 Use silent flag to acquire crypt context
592 %1 -- Request queue\n%2 -- Issued or revoked certificates, plus failed requests\n%3 -- Failed requests\n%4 -- Revoked certificates\n%5 -- Extension table\n%6 -- Attribute table\n%7 -- CRL table\n\nTo display the StatusCode column for all entries:\n -out StatusCode\nTo display all columns for the last entry:\n -restrict "RequestId==$"\nTo display RequestId and Disposition for three requests:\n -restrict "RequestId>=37,RequestId<40" -out "RequestId,Disposition"\n\nTo display Row Ids and CRL Numbers for all Base CRLs:\n -restrict "CRLMinBase=0" -out "CRLRowId,CRLNumber" %7\nTo display Base CRL Number 3:\n -v -restrict "CRLMinBase=0,CRLNumber=3" -out "CRLRawCRL" %7\nTo display the entire CRL table:\n %7
593 [ObjectId | %1 | %2 [CommonName]]
594 Active
595 Pending
596 Issued
597 Revoked
598 Error
599 Denied
600 Renewal Cert
601 Stop and Start Active Directory Certificate Services to complete database restore from %ws.
602 Server ICertAdmin%ws interface is alive
603 Cannot open Active Directory Certificate Services database: %ws.
604 The Certification Authority service must be stopped for direct database access.
605 (Local)
606 %ws: No local Certification Authority; use -config option
607 Reason: Unrevoke
608 This might be caused by:\n Inaccessible server\n No permissions on server\n Server not in the expected state\n
610 Server "%ws" ICertRequest%ws interface is alive
611 Connecting to %ws ...
612 Use HKEY_CURRENT_USER keys or certificate store
661 [{%1|%2|%3|%4|%5|%6|%7}\[%8\]]RegistryValueName Value
662 Set registry value
663 Old Value:
664 New Value:
665 AltName: %u entries:
666 AltName
667 Display database locations
668 Not a valid backup target directory: %ws.
669 Not a valid backup directory: %ws.
670 Backup content verification failed: %ws.
671 Incremental database restore for %ws.
672 Full database restore for %ws.
673 Imported Cert
674 ERROR: Cert is not yet valid
675 ERROR: Cert has expired
676 ERROR: Cert Valid before issuing CA Cert Valid
677 ERROR: Cert Expires after issuing CA Cert Expires
678 Decoded extra Extension Array encoding layer (Teletex string)
679 ErrorCode
680 Display error code message text
681 Create/delete web virtual roots and file shares
682 Web Virtual Root %ws
683 File Share %ws
684 Created
685 Deleted
686 Already Exists
687 Not Found
688 Create Error
689 Delete Error
690 Not Supported
691 [%1]
692 Backing up Database files
693 Backing up Log files
694 Truncating Logs
695 Restoring Database files
696 Restoring Log files
697 Maximum Row Index
698 CA Cert
699 CA Cert Chain
700 Characters
701 OVERFLOW:
702 Repeated "-%ws" option
703 Config string must include Authority name
704 CertFile -- certificate file to publish\n%1 -- Publish cert to DS Enterprise store\n%2 -- Publish cert to DS Trusted Root store\n%3 -- Publish CA cert to DS CA object\n%4 -- Publish cross cert to DS CA object\n%5 -- Publish cert to DS Key Recovery Agent object\n%6 -- Publish cert to User DS object\n%7 -- Publish cert to Machine DS object\nCRLFile -- CRL file to publish\nDSCDPContainer -- DS CDP container CN, usually the CA machine name\nDSCDPCN -- DS CDP object CN, usually based on the sanitized CA short name and key index\nUse %8 to create DS object.
705 Ensure the server is correctly installed and retry.
706 Connecting to data source %hs as user %hs
707 Failed to connect to data source 0x%08x (%d)
708 Converted %u rows
709 Skipped %u rows that already exist in new Database
710 Skipped %u rows not issued by this Certification Authority
711 Converting Row %u
712 Row %u -- Skipping duplicate Serial Number: %ws
713 Row %u -- Skipping entry not issued by this Certification Authority: %ws
714 Converting source row %u to target row %u
715 Begin names table entries for %u.%u
716 End names table entries for %u.%u
717 Get SMTP info
718 LogonName
719 Set SMTP info
720 %u Rows
721 Row Properties
722 Request Attributes
723 Certificate Extensions
724 Total Fields
725 %4u %ws, Total Size = %u, Max Size = %u, Ave Size = %u
726 Private key is NOT exportable
727 Enterprise Root CA
728 Enterprise Subordinate CA
729 Stand-alone Root CA
730 Stand-alone Subordinate CA
731 Unknown CA Type: %u
732 [%1] [Machine\ParentCAName]
733 Renew Certification Authority certificate
734 Cert Hash(%ws):
735 Error message text: %ws
736 ================ CRL %d ================
737 Deleting CRL %d
738 CA Certs: %u
739 Keys:
740 Values:
741 Load(CRL) returned %ws
742 CRL
743 ERROR: CRL is not yet valid
744 ERROR: CRL has expired
745 ERROR: CRL Valid before issuing CA Cert Valid
746 ERROR: CRL Expires after issuing CA Cert Expires
747 ERROR: Issuing CA Subject name does not match CRL Issuer
748 Issuing CA Subject name matches CRL Issuer
749 ERROR: CA did not issue CRL: Signature check failed
750 CRL signature is valid
751 CA Key Id matches Key Id
752 ERROR: CA Key Id does not match Key Id
753 No Key Id
754 Incomplete
755 Unavailable
756 Error: No CRL for this Cert
757 Revoked
758 Valid
759 Expired
760 Under Submission
761 Unknown
762 [KeyContainerName | -]
763 List key containers
764 KeyContainerName
765 Delete named key container
766 Certificate is REVOKED
767 CA cert verify status
768 Flags:
769 ERROR: Certificate public key does NOT match private key
770 Signature test passed
771 Signature test FAILED
772 Display DS Certificates
773 [FullDSDN] | [CertId [OutFile]]
774 Display DS CRLs
775 [FullDSDN] | [CRLIndex [OutFile]]
776 [CN]
777 Display DS DNs
778 CN
779 Delete DS DNs
780 Deleting
781 [InfoName [Index | ErrorCode]]
782 Display CA Information
783 InfoName argument syntax:
784 ErrorCode
785 [Index]
786 Force UTF-8
787 Signature: UnusedBits=%u
788 Short Name:
789 Sanitized Short Name:
790 SMIME Capabilities:
791 Request File:
792 PKCS7 Attribute
793 No Signature
794 Certificate Sequence:
795 Cannot find certificate:
796 Valid Encrypted Key Hash
797 [%1 | %2 | %3]
798 [%1 | %2 | %3 | %4 | %5 | %6 | %7]
799 [FullDSDN] | [CRLIndex [OutFile]]
800 Display DS Delta CRLs
801 Display times with seconds and milliseconds
802 ERROR: CA Cert has no Basic Constraints2 Extension
803 ERROR: Cannot decode CA Cert Basic Constraints2 Extension
804 ERROR: CA Cert is an End Entity certificate
805 Cert is a CA certificate
806 Cert is an End Entity certificate
807 Element %u:
808 CMC
809 Certificate is NOT valid: %ws
810 Encryption test passed
811 Encryption test FAILED
812 Use V1 interfaces
813 File version
814 Product version
815 Exit module count
816 Exit module description
817 Policy module description
818 CA name
819 Sanitized CA name
820 Shared folder
821 CA type
822 Parent CA
823 CA cert count
824 CA cert
825 CA cert chain
826 CA exchange cert count
827 CA exchange cert
828 CA exchange cert chain
829 Base CRL
830 Delta CRL
831 CA cert
832 CRL
833 CA info
834 Display CA Property Type Information
835 Use ICertAdmin2 for CA Properties
836 Maximum CA PropId
837 Select a certificate from a selection UI
838 Certificate List
839 List certificates
840 List certificates for ObjectId
841 List Enrollment Registration Authority certificates
842 List Key Recovery Agent certificates
843 Key Id Hash(%ws):
844 CMS Certificate Request:
845 CMS Response:
846 Tagged Attributes:
847 Tagged Content Info:
848 Tagged Requests:
849 Tagged Other Messages:
850 UNKNOWN Request Choice
851 Body Part Id:
852 Cannot load key: %ws
853 Expired certificate
854 Unauthenticated Attributes
855 Content Type
856 Data Reference
857 Cert Reference
858 Value
859 UNKNOWN Tagged Attribute
860 Signer Count
861 Signer Info
862 Hash Algorithm:
863 Encrypted Hash Algorithm:
864 Stored Hash%ws:
865 Computed Hash%ws:
866 CMC Attribute
867 Exchange Authority Information Access
868 Exchange Version
869 InFile
870 Generate and display cryptographic hash over a file
932 Please make sure there is a running CA on the computer.
933 There is no matched CA on the computer. This might be caused by the computer being offline. Please contact the system adminstrator or select a different CA.
934 Cannot ping the selected CA. Please make sure the CA is running.
935 Exchange Enrollment Agent (Offline request)
936 Exchange User
937 Exchange Signature Only
938 There are no published CAs available. Please contact the system adminstrator or select a CA by name.
939 Enrollment Agent (Computer)
940 Save Request File
941 CEP Encryption
942 Built Policy
943 Policy Element
944 Policy Statement Extension
945 Policy inf missing section or key
946 Opened Policy inf
947 Cannot open Policy inf
948 Begin
949 End
950 Manage CA
951 Issue and Manage Certificates
952 Manage Audit Logs
953 Backup and Restore
954 Read
955 Request Certificates
964 Closed Policy inf
965 Message Box
966 The value for RenewalValidityPeriod is incorrect in unattended answer file. It should be one of the following: Years, Months, Weeks or Days (in English).
967 Key Recovery Agent
968 CA Exchange
969
970 Cross Certification Authority
971 Domain Controller Authentication
972 Directory Email Replication
974 \nYou have configured this Web client to forward requests to an enterprise CA. If the CA is using the enterprise default policy module, this computer must have delegation enabled and use Kerberos authentication. To enable delegation, see 'Allow computer accounts to be trusted for delegation' help topic.
976 The Web client cannot be configured to forward requests to the selected CA.
977 The value for the following key is incorrect in the INF file. It should be a boolean value (Yes/No/True/False/0/1).
978 Workstation Authentication
979 RAS and IAS Server
980 Low Assurance
981 Medium Assurance
982 High Assurance
983 OCSP Response Signing
984 Kerberos Authentication
1000 Key recovery agent
1001 Directory e-mail replication
1002 Cross-certified certification authority
1003 Certification authority (CA)
1004 Computer
1005 User
1006 Unknown
1007 Active Directory KRA
1008 Active Directory AIA
2000 Bytes
2001 %ws already in DS store.
2002 Certificate
2003 Subject Key Id (%ws):
2004 precomputed
2005 Cannot open Cert store.
2006 Cannot open existing Cert store. Use %ws switch to force Cert store creation.
2064 One of the following tables must be specified when deleting rows older than %ws:
2065 The date specified is in the future: %ws
2066 CRL Hash(%ws):
2067 Include CRLs
2068 Full Response
2069 CA cert chain with CRLs
2070 CA exchange cert chain with CRLs
2071 Pulse autoenrollment events
2072 DomainName\MachineName$
2073 Display Active Directory machine object information
2074 Machine object missing %ws attribute.
2075 Group Memberships:
2076 [%1 | %2 | %3]
2077 Display domain controller information
2078 Enterprise Root store: %ws
2079 KDC certificates: %ws
2080 DC UNAVAILABLE: %ws
2081 *** Testing DC[%u]: %ws
2082 ** Enterprise Root Certificates for DC %ws
2083 ** KDC Certificates for DC %ws
2084 Unknown Property
2085 Template
2086 Public Key Length: %u bits
2087 Advanced Server
2088 CRL Publish Status
2089 Delta CRL Publish Status
2090 Templates
2091 Parameter = %x
2092 Parameter Flags = %x
2093 Archived!
2094 DomainName\MachineName$
2095 Display enterprise information
2096 Display CA information
2097 DSS Key Length: %u bits
2098 ================ CTL %d ================
2099 Client Id:
2100 User:
2101 Machine:
2102 Certificate Trust List:
2103 List Identifier:
2104 Sequence Number:
2105 Subject Algorithm:
2106 CTL Entries:
2107 Usage Entries:
2108 Subject Identifier%ws:
2109 View Certificate Store
2110 Select Certificate
2111 Select Certificate to Delete
2112 Saved certificate %ws
2113 Deleted certificate %ws
2114 Enroll-on-Behalf-of
2115 [ReaderName]
2116 Display smart card information
2117 Service is paused.
2118 Service is stopped.
2119 Service is in an unknown state.
2120 The Microsoft Smart Card Resource Manager is running.
2121 The Microsoft Smart Card Resource Manager is not running.
2122 Found AT_SIGNATURE key but no AT_KEYEXCHANGE key
2123 Server could not be reached: %ws
2124 Select Decryption Certificate
2125 Foreign Cert
2126 KRA Cert
2127 UPN:
2128 Subject Unmodified
2129 Publish Error
2130 NULL signature verifies
2131 Source Url Name:
2132 Local File Name:
2133 Use Count: %d
2134 Hit Rate: %d
2135 File Size: %d
2136 Last Modified Time:
2137 Expire Time:
2138 Last Access Time:
2139 Last Sync Time:
2140 Error: Check machine name. Should be domain\computer$
2141 %ws is missing trailing $, correct?
2142 Issuer Domain Policy =
2143 Subject Domain Policy =
2144 Map[%u]:
2145 Cert Type not DC: %ws
2146 Cert Usage missing %ws
2147 Deleted KDC certificate!
2148 CertDeleteCertificateFromStore failed! - %x
2149 %u KDC certs for %ws
2150 No KDC Certificate in MY store
2151 No certs in Ent Root store!
2152 CertOpenStore on remote My store failed! - %x
2153 Error Getting Archived Prop bit! - %x
2154 ++ Archived Certificate ++
2155 No Autoenrolled Certificates in MY store!!!
2156 CertOpenStore on remote ent store failed! %x
2157 No Autoenrollment Objects!!!
2158 No Access!
2159 Retrieve and verify AIA Certs and CDP CRLs
2160 Defaults to Request and Certificate table\n%1 -- Extension table\n%2 -- Attribute table\n%3 -- CRL table\n
2161 CA Expiration (%ws): %x
2162 Supported Certificate Templates:
2163 No supported Certificate Templates::
2164 CA Name property fetching failed! %x
2165 CA Name: %ws
2166 DNS Name property fetching failed! %x
2167 Machine Name: %ws
2168 DS Location: %ws
2169 Cert DN property fetching failed! %x
2170 Cert DN: %ws
2171 Sig Alg property fetching failed! %x
2172 Supported signature algs: %ws
2173 No signature algs on DS! <Unexpected>
2174 No Certificate types for this CA
2175 No certificate type returned, although one exists!
2176 No CA's listed in the domain. The configuration might be stored in the root domain. Use the -dc option to target your root domain controller for the information.
2177 Cannot access DFS share
2178 DFS Data is accessible
2179 No entries found in Ping Search!
2180 No DSPath for Policy [non-fatal]
2181 RegQueryValue (DSPATH) failed! %x
2182 No FileSysPath for Policy [non-fatal]
2183 Done.
2184 ldap search (%ws) found 0 items!
2185 =========== Root Certs in policy =================
2186 Certificate %u:
2187 No Root Certificates in Policy on this machine
2188 Check event log for UserEnv errors!
2189 ==== Policies Processed for MACHINE ===
2190 ==== Policies Processed for USER ===
2191 Possibly No Policies applied. See Event Log for Userenv errors!
2273 A list of smart card readers cannot be determined.
2274 SCardListReaders failed for SCARD_ALL_READERS
2275 No smart card readers are currently available.
2276 A list of smart card readers could not be determined.
2277 Readers:
2278 --- Reader:
2279 --- Status:
2280 No card.
2281 The card is unrecognized or not responding.
2282 Card is in use exclusively by another process.
2283 The card is being shared by a process.
2284 The card is available for use.
2285 Card/Reader not responding.
2286 --- Card:
2287 Unknown Card.
2288 Performing %ws public key matching test...
2289 %ws succeeded but returned zero size
2290 Public key from KeyProvInfo container:
2291 Public key from Cert:
2292 Public key matching test succeeded
2293 Chain on smart card is invalid
2294 Chain validates
2295 No %ws key for reader:
2296 Cannot open the %ws key for reader:
2297 No %ws cert retrieved for reader:
2298 Performing cert chain verification...
2299 Displayed %ws cert for reader:
2300 Analyzing card in reader:
2301 Cannot retrieve Provider Name for %ws
2302 %1 -- Failed and pending requests (submission date)\n%2 -- Expired and revoked certificates (expiration date)\n%3 -- Extension table\n%4 -- Attribute table\n%5 -- CRL table (expiration date)\n\nTo delete failed and pending requests submitted by January 22, 2001:\n 1/22/2001 %1\nTo delete all certificates that expired by January 22, 2001:\n 1/22/2001 %2\nTo delete the certificate row, attributes and extensions for RequestId 37:\n 37\nTo delete CRLs that expired by January 22, 2001:\n 1/22/2001 %5
2310 ERROR: Could not find a matching user or computer in Active Directory.
2311 KMS CA Certificate List
2312 Select KMS CA certificate
2313 RequestId -- numeric Request Id of a pending request\nExtensionName -- ObjectId string of the extension\nFlags -- 0 is recommended. 1 makes the extension critical,\n2 disables it, 3 does both.\nIf the last parameter is numeric, it is taken as a Long.\nIf it can be parsed as a date, it is taken as a Date.\nIf it starts with '@', the rest of the token is the filename containing binary data or an ascii-text hex dump.\nAnything else is taken as a String.
2314 InFileList -- comma separated list of Certificate or CRL files to modify\n and re-sign\nSerialNumber -- Serial number of certificate to create\n Validity period and other options must not be present\n%1 -- Create an empty CRL\n Validity period and other options must not be present\nOutFileList -- comma separated list of modified Certificate or CRL output\n files. The number of files must match InFileList.\nStartDate+dd:hh -- new validity period: optional date plus\n optional days and hours validity period\n If both are specified, use a plus sign (+) separator\nSerialNumberList -- comma separated serial number list to add or remove\nObjectIdList -- comma separated extension ObjectId list to remove\n@ExtensionFile -- INF file containing extensions to update or remove:\n %2\n %3 Remove CRL Distribution Points extension\n %4 Update Key Usage extension\n %5\n\nA minus sign causes serial numbers and extensions to be removed.\nA plus sign causes serial numbers to be added to a CRL.\nWhen removing items from a CRL, the list may contain both serial numbers\nand ObjectIds.
2315 InfoName -- indicates the CA property to display (see below)\n Use "*" for all properties\nIndex -- optional zero-based property index\nErrorCode -- numeric error code
2316 %1 -- Use CA's registry key\n%2 -- Use CA's restore registry key\n%3 -- Use policy module's registry key\n%4 -- Use first exit module's registry key\n%5 -- Use template registry key (use -user for user templates)\n%6 -- Use enrollment registry key (use -user for user context)\n%7 -- Use chain configuration registry key\n%8 -- Use policy or exit module's ProgId (registry subkey name)\n\nRegistryValueName -- registry value name (use "Name*" to prefix match)\nValue -- new numeric, string or date registry value or filename.\n If a numeric value starts with "+" or "-", the bits specified\n in the new value are set or cleared in the existing registry value.\n\n If a string value starts with "+" or "-", and the existing value\n is a REG_MULTI_SZ value, the string is added to or removed from\n the existing registry value.\n To force creation of a REG_MULTI_SZ value, add a "\n" to the end\n of the string value.\n\n If the value starts with "@", the rest of the value is the name\n of the file containing the hexadecimal text representation\n of a binary value.\n If it does not refer to a valid file, it is instead parsed as\n [Date][+][dd:hh] -- an optional date plus optional days and hours.\n If both are specified, use a plus sign (+) separator.\n Use "%9" for the current time.
2317 dd:hh -- new CRL validity period in days and hours\n%1 -- republish most recent CRLs\n%2 -- delta CRLs only (default is base and delta CRLs)
2318 Index -- CRL index or key index (defaults to CRL for newest key)\n%1 -- delta CRL (default is base CRL)
2319 CertFile -- Certificate to verify\nApplicationPolicyList -- optional comma separated list of required\n Application Policy ObjectIds\nIssuancePolicyList -- optional comma separated list of required Issuance\n Policy ObjectIds\n\nCACertFile -- optional issuing CA certificate to verify against\nCrossedCACertFile -- optional certificate cross-certified by CertFile\n\nCRLFile -- CRL to verify\nIssuedCertFile -- optional issued certificate covered by CRLFile\nDeltaCRLFile -- optional delta CRL\n\nIf ApplicationPolicyList is specified, chain building is restricted to\n chains valid for the specified Application Policies.\nIf IssuancePolicyList is specified, chain building is restricted to chains\n valid for the specified Issuance Policies.\n\nIf CACertFile is specified, fields in CACertFile are verified against\n CertFile or CRLFile.\nIf CACertFile is not specified, CertFile is used to build and verify a full\n chain.\nIf CACertFile and CrossedCACertFile are both specified, fields in\n CACertFile and CrossedCACertFile are verified against CertFile.\n\nIf IssuedCertFile is specified, fields in IssuedCertFile are verified\n against CRLFile.\nIf DeltaCRLFile is specified, fields in DeltaCRLFile are verified against\n CRLFile.
2320 KeyContainerName -- key container name of the key to verify\n Defaults to machine keys. Use -user for user keys\nCACertFile -- signing or encryption certificate file\nIf no arguments are specified, each signing CA cert is verified against its\n private key.\nThis operation can only be performed against a local CA or local keys.
2321 CertificateStoreName -- Certificate store name. Examples:\n "%1", "%2" (default), "%3",\n\n "%10" (View Root Certificates)\n\n "%11" (Modify Root Certificates)\n\n "%12" (View CRLs)\n\n "%13" (Enterprise CA Certificates)\n %16 (AD machine object certificates)\n %5 %16 (AD user object certificates)\n\nCertId -- Certificate or CRL match token. This can be a serial number,\n an SHA-1 certificate, CRL, CTL or public key hash,\n a numeric cert index (0, 1, etc.),\n a numeric CRL index (.0, .1, etc.),\n a numeric CTL index (..0, ..1, etc.),\n a public key, signature or extension ObjectId,\n a certificate subject Common Name,\n an e-mail address, UPN or DNS name,\n a key container name or CSP name,\n or a CRL issuer Common Name.\n Many of the above may result in multiple matches.\nOutputFile -- file to save matching cert\nUse %5 to access a user store instead of a machine store.\nUse %4 to access a machine enterprise store.\nUse %14 to access a machine service store.\nUse %15 to access a machine group policy store.\n\nExamples:\n%6\n%7\n%8\n%9
2322 CertificateStoreName -- Certificate store name. See -store.\nInFile -- Certificate or CRL file to add to store.
2323 CertificateStoreName -- Certificate store name. See -store.\nCertId -- Certificate or CRL match token. See -store.
2324 BackupDirectory -- directory to store backed up data\n%1 -- perform incremental backup only (default is full backup)\n%2 -- preserve database log files (default is to truncate log files)
2325 BackupDirectory -- directory to store backed up database files\n%1 -- perform incremental backup only (default is full backup)\n%2 -- preserve database log files (default is to truncate log files)
2326 BackupDirectory -- directory to store backed up PFX file
2327 BackupDirectory -- directory containing data to be restored
2328 BackupDirectory -- directory containing database files to be restored
2329 BackupDirectory -- directory containing PFX file to be restored\nPFXFile -- PFX file to be restored
2330 CertId -- Certificate or CRL match token. See -store.\nPFXFile -- exported PFX data output file\nDefaults to personal machine store.
2331 PFXFile -- PFX file to be imported\nDefaults to personal machine store.
2332 UserKeyAndCertFile -- Data file containing user private keys and\ncertificates to be archived. This can be any of the following:\n Exchange Key Management Server (KMS) export file\n PFX file\n Outlook key export (EPF) file\nCertId -- KMS export file decryption certificate match token. See -store.\nUse %1 to import certificates not issued by the CA.
2333 PFXInFileList -- Comma separated PFX input file list\nPFXOutFile -- PFX output file\nThe password specified on the command line is a comma separated password\nlist. If more than one password is specified, the last password is used\nfor the output file. If only one password is provided or if the last\npassword is "*", the user will be prompted for the output file password.
2334 PFXInFileList -- Comma separated PFX input file list\nEPF -- EPF output file\n%1 -- Use CAST 64 encryption\n%2 -- Use CAST 64 encryption (export)\nV3CACertId -- V3 CA Certificate match token. See -store CertId description.\nSalt -- EPF output file salt string\nThe password specified on the command line is a comma separated password\nlist. If more than one password is specified, the last password is used\nfor the output file. If only one password is provided or if the last\npassword is "*", the user will be prompted for the output file password.
2335 RequestId -- numeric Request Id of pending request\nAttributeString -- Request Attribute name and value pairs\n Names and values are colon separated.\n Multiple name, value pairs are newline separated.\n Example: "CertificateTemplate:User\nEMail:User@Domain.com"\n Each "\n" sequence is converted to a newline separator.
2336 SerialNumber -- Comma separated list of certificate serial numbers to revoke\nReason -- numeric or symbolic revocation reason:\n 0: %1 -- Unspecified (default)\n 1: %2 -- Key Compromise\n 2: %3 -- CA Compromise\n 3: %4 -- Affiliation Changed\n 4: %5 -- Superseded\n 5: %6 -- Cessation of Operation\n 6: %7 -- Certificate Hold\n 8: %8 -- Remove From CRL\n -1: %9 -- Unrevoke
2337 Use %1 to import certificates not issued by the CA.
2338 OutCACertFile -- output file\nIndex -- CA certificate renewal index (defaults to most recent)
2339 OutCACertChainFile -- output file\nIndex -- CA certificate renewal index (defaults to most recent)
2340 Use %2 to ignore an outstanding renewal request, and generate a new request.
2341 Verify Certificate or CRL URLs
2342 InFile | URL
2343 Certificate "%ws" already in store.
2344 Certificate "%ws" added to store.
2345 CRL "%ws" already in store.
2346 CRL "%ws" added to store.
2347 CTL %ws already in store.
2348 CTL %ws added to store.
2349 KMS V1 CA Certificate List
2350 Select KMS V1 CA certificate
2351 Error message text
2352 Error message text and error code
2353 Retrieving
2354 Success
2355 Failed
2356 Verifying
2357 Verify Failure
2358 No URLs
2359 Error
2360 Expired
2361 Wrong Issuer
2362 Revoked
2363 Revocation Check Failed
2364 No CRL
2365 OK
2366 CDP
2367 AIA
2368 Base CRL
2369 Delta CRL
2370 Certificate
2371 None
2372 Status
2373 Type
2374 Url
2375 Retrieval Time
2378 GetObjectUrl
2379 Certificate Subject
2380 Base CRL Issuer
2381 Delta CRL Issuer
2382 No Selection
2383 No Certificate Selected
2384 Error Opening Certificate or CRL File
2385 Select Certificate or CRL
2386 Error Information
2387 Error retrieving URL: %ws
2388 No URLs found: %ws
2389 Cannot find KMS CA certificate required to construct the EPF file.\nEnroll a client in the same KMS and use Outlook to save the user keys\nto an EPF file. Take the EPF file to the current machine and use certutil\nto dump the EPF file. This will import the needed KMS CA certificates into\nthe local machine cert store, making them available to construct new EPF files.
2390 SearchToken -- Used to select the keys and certificates to be recovered.\n Can be any of the following:\n Certificate Common Name\n Certificate Serial Number\n Certificate SHA-1 hash\n Requester Name (domain\user)\n UPN (user@domain)\nRecoveryBlobOutFile -- output file containing a certificate chain and an\n associated private key, still encrypted to one or more Key Recovery\n Agent certificates.
2391 %ws deleted from DS store.
2392 Forward cross cert
2393 Backward cross cert
2394 Forward cross cert
2395 Backward cross cert
2396 KRA cert
2397 Not found
2398 Invalid
2399 Untrusted
2400 Not loaded
2401 CA cross cert
2402 System default Language Id:
2403 Version %u certificates and keys:
2404 Use old PFX encryption
2405 Certificate signature is valid
2406 Key usage count
2407 Disabled
2408 Not supported
2409 CA cert version
2410 Enabled Active Server Pages (ASP)
2411 Active Server Pages (ASP) already enabled
2412 Error enabling Active Server Pages (ASP)
2413 MISSING!
2414 Sanitized CA short name (DS name)
2415 WinINet Cache entries deleted: %u
2416 WinINet Cache entries: %u
2417 Permitted
2418 Excluded
2419 IP Address
2420 Mask
2421 URL -- cached URL\n%1 -- operate on all cached CRL URLs only\n%2 -- operate on all cached URLs\n%3 -- delete relevant URLs from the current user's local cache\nUse %4 to force fetching a specific URL and updating the cache.
2422 Subtree
2423 Related Certificates:
2424 Related CRLs:
2425 Exact match:
2426 Protect keys with password
2427 Set templates for CA
2428 [+ | -]TemplateList
2429 Adding
2430 Removing
2431 Already present
2432 Not present
2433 KMS export file signature verifies
2434 AutoEnroll Property
2435 RequestId
2436 Authority
2437 Friendly Name
2438 Token match
2439 Bad Asn length encoding
2440 Asn encoding: %x extra bytes
2441 %ws key verifies against certificate
2442 %ws key does not match certificate
2443 Expected
2444 Public key:
2445 Cert Public key:
2446 certs
2447 Signing
2448 Exchange
2449 LoadCert(CACrossed) returned %ws
2450 Crossed CA Cert
2451 Crossed CA Cert Serial Number:
2452 Crossed CA Subject name matches Cert Subject
2453 ERROR: Crossed CA Subject name does not match Cert Subject
2454 Crossed CA public key matches Cert key
2455 ERROR: Certificate public key does NOT match Cert key
2456 Crossed CA Subject Key Id matches Cert Subject Key Id
2457 ERROR: Crossed CA Key Id does not match Key Id
2458 CA Cert
2459 canonicalized
2460 A required CRL extension is missing
2461 Verified
2462 Bad CA Cert Subject
2463 Bad Cert Issuer
2464 Old Base CRL
2465 Bad Authority Key Id
2466 No IDP Intersection
2467 ERROR: CRL Issuer does not match Cert Issuer
2468 CRL Issuer matches Cert Issuer
2469 Provider
2470 ERROR: CRL IDP extension does not match Cert CDP
2471 ERROR: CRL Issuer does not match Delta CRL Issuer
2472 CRL Issuer matches Delta CRL Issuer
2473 WARNING: CRL CA Version does not match Cert CA Version
2474 WARNING: CRL CA Version does not match Delta CRL CA Version
2475 ERROR: CRL Number less than Delta CRL Minimum Base
2476 ERROR: CRL is not a Base CRL
2477 ERROR: CRL is not a Delta CRL
2478 Verifying Issued Certificate:
2479 Verifying Delta CRL:
2480 WinHttp Cache entries deleted: %u
2481 WinHttp Cache entries: %u
2482 Meta File Name:
2483 WinINet Cache entry:
2484 WinHttp Cache entry:
2485 CAName
2486 MachineName
2487 Time:
2488 Certificate AIA
2489 Certificate CDP
2490 Base CRL CDP
2491 URL fetch timeout in milliseconds
2492 Timeout
2493 Cannot export public key
2494 Display private key data
2495 OCSP
2496 Decode Error
2497 Unsuccessful
2498 Unsupported
2499 No Signer
2500 Invalid Signature
2501 OCSP Request:
2502 OCSP Response:
2503 Produced At
2504 OCSP Response Entries:
2505 OCSP Response Info
2506 OCSP Request Entries:
2507 OCSP Request Info
2508 Issuer Name Hash(%ws):
2509 Issuer Key Hash(%ws):
2510 Serial Number Not Found
2511 Unknown
2512 Invalid Signer EKU
2513 Signer Expired
2514 Revoked As Of
2515 Certificate OCSP
2516 Parse ASN.1 file
2517 File
2518 DECODE ERROR!
2519 Unique container name
2520 To be backed up
2521 Expected Base CRL
2522 Expected Delta CRL
2523 Default Container
2524 End Of Content
2525 Install a Certification Authority on current machine
2550 Administrator permissions are needed to use the selected options. Use an administrator command prompt to complete these tasks.
2551 The restored CA certificate has expired. Before restarting Active Directory Certificate Services you must renew the CA certificate.
2552 Create/delete web virtual roots for OCSP web proxy
2553 [%1]
2554 The OCSP Web Proxy already exists.
2555 Name of Symmetric Key Algorithm with optional key length, example: AES,128 or 3DES
2556 SymmetricKeyAlgorithm[,KeyLength]
2557 This verb has been restricted by Common Criteria.
2558 The certification propagation service could not be contacted. Your root certificates may not be available for use.
2559 Content Encryption Algorithm:
2560 Encode text without CR-LF characters
2561 Encode text as Unicode
2562 Enumerate certificate stores
2563 [\\MachineName]
2564 MachineName -- remote machine name.
2565 Use service certificate store
2566 Use Group Policy certificate store
2567 Install default certificate templates
2568 CertificateStoreName -- Certificate store name. See -store.\nCertIdList -- comma separated list of Certificate or CRL match tokens.\n See -store's CertId description.\nPropertyInfFile -- INF file containing external properties:\n %1\n %2 Add archived property, OR:\n %3 Remove archived property\n\n %4 "%5Friendly Name" ; Add friendly name property\n\n %6 Add custom hexadecimal property\n %7\n %8\n\n %9 Add Key Provider Information property\n %10Container Name%11\n %12\n %13\n %14\n %15
2569 Dump smart card file information
2570 [ReaderName]
2571 Cannot read file
2572 Successfully uncompressed
2573 Cannot uncompress file
2574 Failed to authenticate to card
2575 Successfully authenticated to card
2576 Reading directory
2577 Enter PIN:
2578 Each restriction consists of a column name, a relational operator and\n a constant integer, string or date. One column name may be preceded\n by a plus or minus sign to indicate the sort order.\n Examples:\n %1\n %2\n %3
3012 --- ATR:
4050 Select Certification Authority
4051 Select a Certification Authority to send the request.
