I've been struggling with the web enrollment of WS03 R2 SP2 PKI (w/KB 922706 installed)... If I go to request a user cert, the following error occurs on submit: Error Your request failed. An error occurred while the server was processing your request. Contact your administrator for further assistance. <input id="locBtnDetails" onclick="blur();spnBasic.style.display='none';spnAdvanced.style.display='';" type="button" value="Details >>" /> Request Mode: newreq - New Request Disposition: (never set) Disposition message: (none) Result: No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) COM Error Info: CCertRequest::Submit No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) LastStatus: No mapping between account names and security IDs was done. 0x80070534 (WIN32: 1332) Suggested Cause: No suggestions. Any ideas on a solution?

Thanks, I did all of these and still get the same error. Is the web certenroll supposed to use https? If so, that is even worse, I get "Page cannot be displayed" error.

Thanks, I understand having the cert and I do have one installed and is used on the web site. I was referencing whether that SSL is supposed to be or required to be used for cert enroll. I'm not finding a reference one way or another. By default, it does not. Running cerutil command you referenced: Web Virtual Root Already Exists Active Server Pages (ASP) already enabled File Share Already Exists CertUtil: -vroot command completed successfully. Errors still occur. For SSL, does it need to be enabled on the default web or at the 'CertSrv' and other 'Cert...' web sites only?