Unable to issue certificates RRS feed

  • Question

  • There doesn't seem to be a forum for this (Windows Security), so...

    I have AD Certificate Services CA role installed on a Win 2K8 R2 server.  The Web Cert Enrollment role was installed on the same server, and worked fine until recently (now it just throws 404 errors).  Rather than try to solve that problem, I decided to install the Web Cert Enrollment role on another domain server (also 2008 R2) but not a CA.  Just a domain server running IIS and the Web Cert Enrollment site.  That site runs properly except that it doesn't communicate with the CA server.  I get:

    Your request failed. An error occurred while the server was
    processing your request.

    Contact your administrator for further assistance.

    <input id="locBtnDetails" type="button" value="Details >>" />

    Request Mode:
    newreq <locid id="locModeSpacer">-</locid> <locid id="locModeNewReqIE">New
    Dislocid id="locDispNeverSet">(never set)</locid>
    Disposition message:
    <locid id="locDispMsgNone">(none)</locid>
    The RPC server is unavailable. 0x800706ba (WIN32: 1722)
    COM Error Info:
    CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32:
    The operation completed successfully. 0x0 (WIN32: 0)
    Suggested Cause:

    <locid id="locSugCauseNotStarted1">This error can occur if the Certification
    Authority Service has not been started.</locid>

    <locid id="locSugCauseNotStarted1">The Cert Authority service is running.  This has to be a permissions problem, but I don't know how to fix it.  The many, many articles on this problem are unhelpful, assuming that the CA and the Web enrollment roles are running on the same server or that the Web Enrollment role is running on a subordinate CA.  Neither is the case here.</locid>

    If you answer, please be explicit in your references to either the CA server or the Web Enrollment server.<locid id="locSugCauseNotStarted1"></locid>

    <locid id="locSugCauseNotStarted1"></locid>

    Howard Epstein

    Monday, October 31, 2016 8:30 PM