Increasing the password cache limit on the NDES server

Increase the password cache limit on the NDES server.

About this task

By default, the NDES server caches challenge passwords when requested by the Device Administrator. The NDES server does not give out new challenge passwords until the existing passwords are used for certificate requests. The default setting on the NDES server is five cached passwords. If you load the SCEP Admin URL five times to test and request for a sixth, the NDES server displays that the password cash is full. The screen also displays the available next steps.

Use the following procedure to configure NDES to cache more than five passwords.

Procedure

  1. Log on to the NDES server with administrative credentials.
  2. Open the registry editor by using Start > Run > Regedit.exe.
  3. Go to HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\MSCEP.
  4. Create a key named PasswordMax.
  5. Under the PasswordMax key, create a new DWORD key that is named PasswordMax and increase the value.
  6. Restart IIS.
    For more information, see Restarting IIS on the NDES server.

What to do next

Increasing the maximum query string on the NDES server