I have a new Enterprise Root certificate server and need assistance configuring it. Other than installing the certificate authority and CA web enrollment roles not much else has been done. All installation guides and videos end at the completion of the role installations. I know there's got to be more to do from application security, AD changes, and IIS security.
Currently i'm unable to browse to the website outside the server to request certificates. Also if I run through the certificate enrollment wizard on a server I can't see the new server by default and when I check the box to show all enrollment servers it says "you do not have permission to request certificates from this certification authority (CA). The permissions on this certification authority do not allow the current user to enroll for certificates."
I'm a member of the domain admins and enterprise admins groups.
Lastly this server stands side by side with another Root CA. The current production CA is windows server 2003 and needs to be retired.
Once I get the new CA working and tested the old will be decommissioned.