standalone CA - cannot use browser to install certs

  • Thread starter Kristin Griffin
  • Start date
K

Kristin Griffin

Hi there.

I have a test lab running - it looks like this:

IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP

IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP

IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web enrollment
installed. I can request certs, and then go to the cert authority on
IPSECCA1, and issue the certs.
Then my clients go to the website, and download the certs, and click the
install button. They say they get installed but they do not. I have to
download them to the local machine and double click them to install them. I
have noticed that the file location is missing when it does not work using
the web site to install the cert.

Anyone have an idea on why this is not working quite right?

Thanks!
Kristin
 
B

Brian Komar

Is the root CA (IPSECCA1) a trusted root CA on the clients?
Brian
"Kristin Griffin" <kristin.l.griffin@gmail.com> wrote in message
news:eroOdLRZIHA.1212@TK2MSFTNGP05.phx.gbl...
> Hi there.
>
> I have a test lab running - it looks like this:
>
> IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP
>
> IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP
>
> IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web enrollment
> installed. I can request certs, and then go to the cert authority on
> IPSECCA1, and issue the certs.
> Then my clients go to the website, and download the certs, and click the
> install button. They say they get installed but they do not. I have to
> download them to the local machine and double click them to install them.
> I have noticed that the file location is missing when it does not work
> using the web site to install the cert.
>
> Anyone have an idea on why this is not working quite right?
>
> Thanks!
> Kristin
>
 
K

Kristin Griffin

yes, the root CA's certificate is stored in the certificate store (both user
and computer store).

"Brian Komar" <brian.komar@nospam.identit.ca> wrote in message
news:B436BA1A-C64B-4D7C-9D90-0DAD38C6B218@microsoft.com...
> Is the root CA (IPSECCA1) a trusted root CA on the clients?
> Brian
> "Kristin Griffin" <kristin.l.griffin@gmail.com> wrote in message
> news:eroOdLRZIHA.1212@TK2MSFTNGP05.phx.gbl...
>> Hi there.
>>
>> I have a test lab running - it looks like this:
>>
>> IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP
>>
>> IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP
>>
>> IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web
>> enrollment installed. I can request certs, and then go to the cert
>> authority on IPSECCA1, and issue the certs.
>> Then my clients go to the website, and download the certs, and click the
>> install button. They say they get installed but they do not. I have to
>> download them to the local machine and double click them to install them.
>> I have noticed that the file location is missing when it does not work
>> using the web site to install the cert.
>>
>> Anyone have an idea on why this is not working quite right?
>>
>> Thanks!
>> Kristin
>>
>
 
You must log in or register to reply here.

Similar threads

A
How to configure AD enterprise CA template to generate cert that have both key agreement and key encipherment enabled?
Replies
0
Views
20
ahkenho
A
D
MS CS with Yubihsm2 - The device that is required by this cryptographic provider is not ready for use. 0x880090030 (-2146893776 NTE_DEVICE_NOT_READY)
Replies
0
Views
11
D0611
D
R
Someone is accessing my computer remotely and designated it as a standalone workstation. I don’t even have internet access at my house and can’t figur
Replies
0
Views
43
Rhonda Frameli
R
C
Cannot Install Valid UNUSED OEM License on Server 2016 for Test Lab
Replies
0
Views
42
ChrisKudulis
C
O
Trying to install c++ Redistributable, but the installer won't launch.
Replies
0
Views
31
Oddpixel
O
Back
Top Bottom