Please rephrase your question in english. From what i translated using Bing Translator I understand that you cannot acces the certsrv site in HTTPS. please reffer to the following article from Microsoft: http://technet.microsoft.com/en-us/library/dd441789.aspx. MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

м! standalone CA ( м м Win2008R2 SP1) . м : м CA Windows, м (м ): 1) Install a Root Certification Authority a) Open Server Manager, click Add Roles, click Next, and click Active Directory Certificate Services. Click Next two times. On the Select Role Services page, click Certification Authority. Click Next. On the Specify Setup Type page, click Standalone or Enterprise. ( STANDALONE) Click Next ... 1: м Root Standalone CA, Web Enrolment - .. https://pcname/certsrv м. , м .3 ( 2 Certification Authority Naming - м м ). 3) Setting Up Certificate Enrollment Web Services ) Installation requirements Before installing the certificate enrollment Web services, ensure that your environment meets these requirements: A host computer as a domain member running Windows Server 2008 R2. ... A Server Authentication certificate installed for HTTPS. During installation of certificate enrollment Web services, the following server roles and features will be installed if they are not already installed: Web Server (IIS) ... - м: Certificate Enrollment Web Services м "Server Authentication certificate " - ??? : I) IIS, м м , https м Certificate Enrollment Web Services ( м , .. (.3) , IIS м Certificate Enrollment Web Services, ). , - : Default Web Site http, https. 4) Certificate Enrollment Web Services : Set Up Certification Authority Web Enrollment Support To install Web enrollment support Click Start, point to Administrative Tools, and then click Server Manager. Click Manage Roles. Under Active Directory Certificate Services, click Add role services. If a different AD CS role service has already been installed on this computer, select the Active Directory Certificate Services check box in the Role Summary pane, and then click Add role services. On the Select Role Services page, select the Certification Authority Web Enrollment check box. ... I: Web http, https. : http://pcname/certsrv/certrqxt.asp https://pcname/certsrv/certrqxt.asp advanced certificate request , (Base-64-encoded certificate request (CMC or PKCS #10 or PKCS #7), м м м ! м advance request-a??? II) ... https CA . 4) Certificate Enrollment Web Services : ... II: http://pcname/certsrv/certrqxt.asp ( м м), https://pcname/certsrv - , . ??????????

Please rephrase your question in english. From what i translated using Bing Translator I understand that you cannot acces the certsrv site in HTTPS. please reffer to the following article from Microsoft: http://technet.microsoft.com/en-us/library/dd441789.aspx. MCTS - Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. http://mariusene.wordpress.com/

Hello, for Security better ask in http://social.technet.microsoft.com/Forums/en/winserversecurity/threads BUT in English.Best regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

Marius Ene, thank you for your reply. In short, I've got two questions: 1) Windows 2008R2 CA help says that prior to installing Certificate Enrollment Web Services on a server there should already be a "A Server Authentication certificate installed for HTTPS.", so the 1st question is where can I get this certificate from? ...and the second one: if I bind the CA self-signed root certificate (the only one I have at this point) to https in IIS I can successfully VIEW the advanced certificate request page (http://pcname/certsrv/certrqxt.asp) over HTTP (althouth I can't use it because it requieres https) but CAN'T open https://pcname/certsrv - "Can't connect error). If I create another self-signed certificate in IIS and bind it to https I can successfully open the advanced certificate request page over HTTPS but this page allows just to paste previously created code for a certificate request, it DOES NOT have any fields needed for making a certificate request (such as Organisation, OU, City...). ???