3

I have created a certificate using MMC console and assigned it to a website. However, when I view the certificate there is a warning icon on the KeyUsage part. You can see this in the below screenshot:

enter image description here

Also, I'm getting error in one of the applications that - KeyUsage does not allow digital signatures.

Why is the Microsoft certificate tool warning on keyUsage? What is wrong with it or what should I do to fix it?

Alex
  • 14,104
  • 11
  • 54
  • 77
Deluxplanet345
  • 55
  • 1
  • 5

1 Answers1

6

That icon is used to represent a certificate extension that is marked as "critical", it doesn't mean that there's something wrong with it. https://support.quovadisglobal.com/kb/a92/what-is-the-caution-symbol-next-to-the-extension-name.aspx.

Critical extensions a perfectly normal. https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.3 says that for Key Usage:

When present, conforming CAs SHOULD mark this extension as critical.

Community
  • 1
  • 1
bartonjs
  • 30,352
  • 2
  • 71
  • 111
  • The above link is broken, but this post says the same thing: https://social.technet.microsoft.com/Forums/windowsserver/en-US/84eaa61f-d13b-4544-9185-078c014ab552/yellow-warning-signs-on-keyusage-in-detailed-certificate-display?forum=winserversecurity – BuvinJ Feb 17 '21 at 20:31