Hey Guys, I'm setting up a 2008 R2 PKI with an offline root and an online enterprise CA. I've pretty much got it working but I'm having three problem. I'm verifying the setup with the pkiview.msc tool and its giving me the error: AIA Location #2 Unable to Download http://server.domain.com/CertEnroll/xxx.crt DeltaCRL Location #2 Unable to Download http://server.domain.com/CertEnroll/xxx.crt CDP Location #2 Unable to Download http://server.domain.com/CertEnroll/xxx.crt Here is output when run :\>certutil -getreg CA\CAcertpublicationURLs HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration\DC1\C ACertPublicationURLs: CACertPublicationURLs REG_MULTI_SZ = 0: 1:C:\WINDOWS\system32\CertSrv\CertEnroll\%1_%3%4.crt CSURL_SERVERPUBLISH -- 1 1: 3:ldap:///CN=%7,CN=AIA,CN=Public Key Services,CN=Services,%6%11 CSURL_SERVERPUBLISH -- 1 CSURL_ADDTOCERTCDP -- 2 2: 2:http://%1/CertEnroll/%1_%3%4.crt CSURL_ADDTOCERTCDP -- 2 3: 0:file://\\%1\CertEnroll\%1_%3%4.crt CertUtil: -getreg command completed successfully. I have no idea how to fix those issue.MCSE

Hi, Please confirm where you ran the pkiview.msc tool and got the errors. Can you access the URL http://server.domain.com/CertEnroll/xxx.crt from the computer? Normally, you will get the File Download prompt after you type the URL in the Internet Browser. As it is a PKI issue, I’ve moved the thread to the Security Forum so that you can get more suggestions from other PKI experts. Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.

One possibility: When you run pkiview.msc from a computer, it runs as the local computer account when attempting to download HTTP URLs. If you use a proxy server, then you must enable proxy access for the computer. Use the netSH command to set the proxy server Brian

Hi, How's everything going? Is there any update on the issue? If you need further assistance, please do not hesitate to respond back.This posting is provided "AS IS" with no warranties, and confers no rights.

The default web site is working fine. I don't have a proxy server, when I access URL http://server.domain.com/CertEnroll/xxx.crt Getting those error: HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed, or is temporarily unavailable. <fieldset style="width: 662px; height: 244px;"><legend>Detailed Error Information</legend> Module IIS Web Core Notification MapRequestHandler Handler StaticFile Error Code 0x80070002 Requested URL http://server.domain.com:80/CertEnroll/server.domain.COM_DC1.crt Physical Path C:\inetpub\wwwroot\CertEnroll\server.server.COM_server.crt Logon Method Anonymous Logon User Anonymous </fieldset>MCSE