Several bungled attempts to establish a stand-alone CA on our Windows 2003 Standard server have made a bit of a mess. We have contributed to the snafu by searching for similar problems and following the given directions and/or recommendations.
I would like to get help from someone who is a master at undoing the butchery and setting things right. It may take a lot of back and forth to root out the bad bits, so I've maxed the points on this, but I am hoping to avoid a lot of competing suggestions. Too many cooks have already spoiled this soup.
We don't believe we need an Enterprise CA, as we will be using this for Exchange OWA access internally and for VPN-connected remote users. Perhaps in the near future we will open a firewall port for SSL access.