Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Microsoft CA IIS problem

Posted on 2009-04-03
7
Medium Priority
?
688 Views
Last Modified: 2012-05-06
Hello, I am having an issue with my in house CA server. I was attempting to allow HTTPS authentication for me CA website under IIS. I went to default website under Directory Security tab. For Authentication and Access Control I changed it from the default anonymous IUSR_CASRV account to integrated windows authentication. When I pressed apply/ok it applied that to all the sub directories, and now when access my site and select request certificate it says that there are no templates found. I went back and removed the integrated windows authentication, but I'm still having the same result. I've restarted my services and still have been unable to access my cert templates via the web interface. Any help would be greatly appreciated.
0
Comment
Question by:jmchristy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24060953
try running this from cmd box:
certutil -vroot
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24060964
otherwise try deleting the site and rename the actual file folders and then run that again...
0
 

Author Comment

by:jmchristy
ID: 24061157
Just to clairify, I should delete my sites from the IIS (CertControl, CertEnroll, CertSrv) Default Web Site? Which file folders should I rename? I'm sorry, I don't have a lot of experience with IIS.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 31

Accepted Solution

by:
Paranormastic earned 2000 total points
ID: 24062906
Sorry, yes delete the certsrv listing in IIS.
Sorry, typed that a little weird there - rename files or move to a folder - the .asp files in %systemroot%\system32\certsrv

The certsrv folder also contains files for your CA, so careful not to overdo it.  Probably easiest to make a 'oldASPfiles' folder or something like that and move all the ASP files into there.

Then run commands as above.
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24062912
Yes - remove all from IIS: CertControl, CertEnroll, CertSrv
0
 
LVL 31

Expert Comment

by:Paranormastic
ID: 24062925
Alternatively, you could use the CA MMC to backup CA and backup the private key and database (not incremental) and reinstall certificates services as well with the same results, then go back into CA MMC and choose to restore CA and point to the file you backed up.  Adviseable to do a full backup including system state before reinstalling cert services, just to be safe, in addition to backing up the CA from the MMC.
0
 

Author Comment

by:jmchristy
ID: 24076101
Removing the IIS sites and running the command worked! I have to copy the ASP files back to their original location because they didn't recreate, but once I did, I was able to see my templates in the webcert request form. Thank you.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question