Hardware Security Module Reading Time: 3 minutes

What causes NTE_Provider_DLL failure?

In this blog, we are covering an error where the ADCS Service stopped working on Issuing CA. The issue was related to the HSM side as the SafeNet Key Storage provider failed to initialize properly.

Issue

ADCS Service failing to start.

Error Code

Log Name Application
Source Microsoft-Windows-CertificationAuthority
Event ID 100
Level Error

Description

Active Directory Certificate Services did not start: Could not load or verify the current CA certificate. Issuing CA Provider DLL failed to initialize correctly. 0x8009001d (-2146893795 NTE_PROVIDER_DLL_FAIL).

This error comes in the case of Luna; if it’s Ncipher, you’ll see that the provider of the Ncipher will fail.

Steps done

  • We did run certutil -csplist to check whether the SafeNet Key Storage Provider was configured correctly.
  • If there is a provider failed to pass the test. You can check the configuration under the registry entries under
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration \CA NAME\CSP

Solution

This issue often occurs when CA uses the HSM and HSM is incorrectly configured.

  • Verify that the connectivity of HSM is properly configured.
  • HSM’s cryptographic service provider should be loaded/initialized properly (re-register and reconfiguring along with a reboot).

Free Downloads

Datasheet of Encryption Consulting Services

Encryption Consulting is a customer focused cybersecurity firm that provides a multitude of services in all aspects of encryption for our clients.

Download

About the Author

Hemant Bhatt's profile picture

Hemant Bhatt is a dedicated and driven Consultant at Encryption Consulting. He works with PKIs, HSMs, and cloud applications. With a focus on encryption methodologies and their application in data security, Hemant has honed his skills in developing applications tailored to clients' unique needs. Hemant excels in collaborating with cross-functional teams to analyze requirements, develop strategies, and implement innovative solutions. Hemant is deeply fascinated by cloud security, encryption, cutting-edge cryptographic protocols such as Post-Quantum Cryptography (PQC), Public Key Infrastructure (PKI), and all things cybersecurity.

Explore the full range of services offered by Encryption Consulting.

Feel free to schedule a demo to gain a comprehensive understanding of all the services Encryption Consulting provides.

Request a demo