Certificate Enrollment Problem
I have a Windows Server 2008 Enterprise Root CA with a different Windows 2008 Server running the Cert Enrollment website (ussing SSL). Any certificate that I attempt to request (Vista or XP) results in:============================================ Your request failed. An error occurred while the server was processing your request. Contact your administrator for further assistance. Request Mode: newreq - New Request Disposition: (never set) Disposition message: (none) Result: The RPC server is unavailable. 0x800706ba (WIN32: 1722) COM Error Info: CCertRequest::Submit: The RPC server is unavailable. 0x800706ba (WIN32: 1722) LastStatus: The operation completed successfully. 0x0 (WIN32: 0) Suggested Cause: This error can occur if the Certification Authority Service has not been started.=================================The Windows Firewall is off between the web enrollment server and the CA, but only 443 is open in to the web enrollment server from externally.What am I missing here? This is rapidly becoming a showstopper.Thanks,BH
June 11th, 2008 7:50pm

What happens if you run the following command from the Web server (front end)certutil -ping -config "CADNSName\CAName"So, for example, if the DNS name of the CA is ca.example.com and the CA Name is "Example Corporation Corporate CA", then you would type certutil -ping -config "ca.example.com\Example Corporation Corporate CA"You need to use RPC to communicate from the Web front end to the back end Web server. There are some excellent configuration tips in the Advanced Enrollment whitepaper that can assist you.http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/advcert.mspxHTH,Brian
Free Windows Admin Tool Kit Click here and download it now
June 18th, 2008 8:16am

I'm having a slightly related problem. I have Certificate Services running on a Windows 2008 Enterprise Edition 64-bit. I installed it as aEnterprise subordinate CA, using a certificate from the original enterprise CA. It is set up as I am trying to enroll a certificate on another computer. When I use "Automatically Enroll and Retrieve Certificates", I see the certificate I want. However, when I try to enroll it I get the following error:The RPC server is unavailable.The certificate rquest could not be submitted to teh certificate authorityThere are no firewalls between the certificate authority and I tried using the certutil ping command as stated above and I got an 'is alive' reply from the CA.Any idea what my hang up could be?
December 13th, 2008 12:31am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics