I have setup a Windows Server 2008 Certificate Services environment with one offline Root, one offline Policy and one Issuing CA.The setup and intial cert/crl publications seem to work correctly. However, checking the pkiview.msc tool, I have red x's everywhere and "Unable to Dowload"for AIA, CDP and DeltaCRL locations. I have verified the paths and permissions are correct. (Could you verify that it is ok to have spaces in the CA name e.g. "COMPANY ROOT CA"?). I recieve CertificationAuthority Event ID's 66, 74 & 75 constantly, and can not manually publish any CRLs now. Any ideas of what I can try?

1) Check the CertEnroll folder on the enteprise CA and ensure that SSL is *not* enabled. I found in a few of my builds that it is enabled if other applications are installed on the CA.2) The X's mean that things are not downloading. This can be due to proxy configuration issues (if a proxy server is used), or you forgot to publish the CRLs and CA certificates to the locations designated in the URLs.Start with each CA in the chain. Check for typos, work your way down until all URLs are resolvable. If they are too broken, you are in a tear down and re-deploy scenario.Brian