Follow

Error: "Failed to launch CA communication process with error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it" when trying to communicate with a Microsoft CA

Applies To:

Trust Protection Platform 14.2 and above

Symptoms:

When trying to either retrieve certificate templates or enroll against an Microsoft CA, it fails with the error message "Failed to launch CA communication process with error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it"

Screen_Shot_2015-01-27_at_15.58.04.png

 

Screen_Shot_2015-01-27_at_16.00.18.png

 

Cause:

This error is likely due to the Secondary Logon service being disabled.

Since 14.2, we no longer use the Venafi COM + Service to communicate with a Microsoft CA. Instead we require the Secondary Logon service to be enabled so our application can successfully communicate.

Resolution:

  1. Open Services.msc
  2. Search for the Secondary Logon service

    Screen_Shot_2015-01-27_at_16.04.49.png

  3. Change the Startup type to Manual
    NOTE: The Venafi Trust Protection Platform Server might need to be rebooted for the change to be applied.
    If there are more than one Venafi Trust Protection Platform server, those steps must be applied to all of them

Related Articles

What are the minimum rights required to setup MSCA

Error: "System error: CCertAdmin: GetCAProperty: The RPC server is unavailable. 0x800706b (WIN32: 1722)" is displayed when trying to communicate with a Microsoft CA

Was this article helpful?
0 out of 1 found this helpful

Comments