Under the standalone situation, I've create one ROOT CA whose name is TDC-ROOT-CA (Server A), and it's installed successfully, but while installing its subordinate CA whose name is TDC-User-CA (Server B), the ADCS service could not start always, and get the event 27, see the below, according to the technical document,http://social.technet.microsoft.com/wiki/contents/articles/15037.ad-cs-step-by-step-guide-two-tier-pki-hierarchy-deployment.aspx, on the (Server A) the TDC-ROOT-CA has published TDC-User-CA successfully (I can see it in the issued certificates), and after I copy the .cer file to Server B, and try to install the .cert according to the document, it's failed, and get the ADCS warning like below,
Wish to get assistance from forum, it's urgent, thanks in advance.
Background
1. I installed the ADCS service on the Windows 2012 std at first, but get revocation error 0x80092013.According to the KB https://support.microsoft.com/zh-cn/kb/2615174?wa=wsignin1.0 it suggests installing under the Windows 2008 std R2 condition.
2. Since I rebuit the enviroment, and degrade from Windows 2012 std to Windows 2008 std R2 right now.
Event 27
Active Directory Certificate Services did not start: Hierarchical setup is incomplete. Use the request file in C:\TKECMVISCA11.tkeasia.com_tkeasia-TKECMVISCA11-User-CA.req.req to obtain a certificate for this Certificate Server, and use the Certification Authority administration tool to install the new certificate and complete the installation.
ADCS Warning,
Cannot find the certificate for CN=Root-CA to build a certificate chain. Do you wish to install this certificate now? A certificate chain could not be built to a trusted root authority.0x800b010a(-2146762486)