Hi,
I am trying to configure an OCSP Responder on Windows Server 2016.
I managed to installed the OCSP Reponder role and the Revocation Configuration.
For the signing certificate, I created a CSR with certreq -New, signed it with an external CA and then used certreq -Accept to bind the cert to the private key.
When I assign the certificate to the Revocation Configuration, I receive the following error: Keyset does not exist 0x80090016 (-2146893802 NTE_BAD_KEYSET)
If I use certutil -store my, I can see Signature test passed:
Serial Number: 6cdfdcd3ea7249059a930839
NotBefore: 15.07.2021 20:43
NotAfter: 15.07.2022 20:43
Subject: CN=***, C=RO
Non-root Certificate
Cert Hash(sha1): b700bb78841fdbf04201e8993a1ee78c3d99fd6f
Key Container = 3232281044959491735dbcae07eee658_b35742b4-3738-426e-b437-1650b03eb56b
Simple container name: tq-c437bd7f-a979-4b22-9c78-ca6c2e9d9ac3
Provider = Microsoft Strong Cryptographic Provider
Private key is NOT exportable
Signature test passed
CertUtil: -store command completed successfully.
Also, In the Machine Key Store, I can see the certificate with the message: "You have a private key that corresponds to this certificate".
I also tried to create the key pair (certreq cmd) using another provider: Microsoft Enhanced Cryptographic Provider v1.0, but I received the same error.
Does anyone have any idea why I am facing this problem?
