Recovery Certificate Templates

Restore certificate templates

Restore certificate templates from a certification authority

If you have accidentally deleted a certificate template, you can easily restore it.

The certificate templates of a certification authority are stored centrally in the Active Directory. We can view these within the configuration partition using an LDAP tool or the integrated ADSI editor.

To do this, navigate to

CN = Certificate Templates, CN = Public Key Services, CN = Services, CN = Configuration, DC = dwp, DC = local

Repository certificate templates

View from the point of view of the certification authority.

CA Certificate Templates

If I have accidentally deleted one or more standard templates, they can be restored with a command on the command line, for example on a domain controller.

CertUtil -InstallDefaultTemplates

CertUtil -InstallDefaultTemplates

The whole thing can also be done directly via the certificate template console, provided you have access. The console automatically detects that the templates are missing and offers to reinstall them.

Recovery Certificate Templates

The standard templates have been reinstalled.

Install certificate templates

Notice:

The certificate template console can only be used to delete duplicates, but not standard templates.

Certificate template and purpose