Cannot Overwrite Smart Card Key During Certificate Services Setup (228831)
The information in this article applies to:
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
- Microsoft Windows 2000 Datacenter Server
This article was previously published under Q228831 SYMPTOMS
During Certificate Services installation, attempting to write a new key to a smart card does not succeed, generating the following error message:
Microsoft Certificate Services
This key storage device is full and the new key "CA name" could not be added. Go back and pick an existing key, or use a different key storage device.
The security token does not have storage space available for
an additional container. 0x80090023 (-2146893789)
CAUSE
You cannot replace a smart card's key during Certificate Services installation. If Certificate Services discovers from the Cryptographic Service Provider (CSP) that the card is full, installation cannot continue unless you insert a clean smart card, or you use the current key on the card (of proper key usage, in this case, Signature) for the Certificate Authority (CA).
RESOLUTION
To resolve this issue, use either of the following methods:
- Select a key that is already on the card. It is listed in the list of available keys.
-or- - Choose to generate a new key and use a smart card that does not currently contain one.
STATUSMicrosoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
| Modification Type: | Major | Last Reviewed: | 11/13/2003 |
|---|
| Keywords: | kberrmsg kbprb KB228831 |
|---|
|