I inadvertently ran certutil -delreg CA\CRLPublicationURLs on one of my test CA's which deleted all my entries. I re-ran the following: certutil -setreg CA\CRLPublicationURLs "65:%windir%\system32\CertSrv\CertEnroll\%%3%%8%%9.crl\n6:http://svrt0000151c.tus.ams1907.com/CertData/%%3%%8%%9.crl\n65:file://\\svrt0000151c.tus.ams1907.com\CertData\%%3%%8%%9.crl\n Now when I isssue the certutil -CRL command I get the following error in the event log: Active Directory Certificate Services could not publish a Delta CRL for key 0 to the following location: C:\Windows\system32\CertSrv\CertEnroll\Operation aborted 0x80004004 (-2147467260)%8%9.crl. Operation aborted 0x80004004 (-2147467260). Why am I getting this error? Thanks, Paul

what about Base CRL? Is it published correctly? p.s. if I remember correctly, you don't need to escape percent sign if you run the command directly from CMD console, it is necessary, when you place them in batch files. My weblog: http://en-us.sysadmins.lv PowerShell PKI Module: http://pspki.codeplex.com Windows PKI reference: on TechNet wiki

Yes, the base CRL is publishing correctly the issue / event is only being generated for the Delta CRL. You are correct, when running on the CMD console a single % is used, when running via a batch a double %%. Another interesting thing seems to be that the error only ig generated when I issue the certutil -CRL command. If I stop and restart the CA (net stop certsvc & net start certsvc) both the Base and Delta CRL are published without error.

Some follow-up info. Not sure how this could possibly have any connection but I was getting "Access Denied" to the \\svrt0000151c.tus.ams1907.com\CertData location mentioned in my original post. I modified the NTFS permissions on that folder and now I'm no longer getting the error on failing to publish the Delta CRL to the %windir%\system32\CertSrv\CertEnroll location.

Did you work out why this was happening? I am getting a similar problem! The Base CRL always publishes correctly but the Delta CRL will publish daily around 5pm but it fails when it automatically tries other times with an Event ID 66 in the Event Viewer. Operation aborted 0x80004004! I really want to know why the errors occur and whether I should worry about the error messages since the Delta CRL's do seem to get published according to the file timestamp. Thanks Richard

Did you work out why this was happening? I am getting the same problem, Base CRL publishing correctly but Delta CRL not unless restarting the CA! Which NTFS account permissions did you change in the CertData location? Thanks Richard