|
Posted by Kristin Griffin on January 17, 2008, 8:46 pm
Please log in for more thread options
Ok,
I figured out #2. The answer was to uninstall and reinstall AD CS Web
enrollment. This fixed it. I can now web enroll for certs. So, even
though it said it installed successfully the first time, it apparantly did
not.
Still looking for a fix or clarification for the AIA and ocsp errors.
Thanks,
Kristin
>
>
>
>
> Thanks in advance for the help.
>
> My setup is this:
>
> · DC = LH_DC1, win2k8 server
>
> · PKI server = LH_PKI1, win2k8 server
>
> · Client = LH_CLI1, vista
>
> I setup my test lab using the AD CS Step by Step Guide, and the OCSP
> whitepaper. I am still having these issues:
>
>
>
> 1. I believe my OCSP implementation is working. I can auto enroll
> users now, so that would be a good test right? Also, I can download the
> latest CRL, and the responder says that it is OK. Before I could not do
> any of this. But I am still concerned by what I see in this picture:
>
> See pic1
>
> Are these locations still valid and should I care? Or is this from when I
> was having issues with ocsp? I redid the AIA config (erased the old
> http://LH_PKI1 and redid it. That seemed to help.) Am I still having
> issues then? If so, how else can I test and resolve this?
>
> I have rebooted the PKI server after I made that change too. Still no
> luck in resolving this.
>
>
>
> 2. When I try to request a certificate from the website:
> https://LH_PKI1.contoso.com/certsrv
>
> I can download the latest CRL no problem. But when I go to request a
> certificate, I canot. I get the following screen:
>
> See pic2
>
> I am logged on as a user PKI_user3. I can go into the local certificate
> store and request certificates that way. The same thing is true if I log
> onto the vista PC with the domain admin account. Any more advice here?
>
> I have already created a web serve certificate for my website, and now I
> am kind of stuck.
>
>
>
>
>
>
| 
XML Sitemap