Getting an access denied message when trying to manually publish a CRL in AD CS

Hello Certificate Experts,

I’m having an issue publishing the CRL from my enterprise certificate authority.  When I go to manually publish the CRL, I get the following access denied message:
CRL-Access-Denied.png
The configurations on the enterprise CA for the CRL distribution point are as follows:
CRL-Distribution-Point-Config.png
The enterprise certificate authority also hosts the web page for the CRL.  The folder for the web page is on the D drive of the server and it is named pki.  The share and NTFS permissions for this folder are as follows:

Share permissions:
PKI-Share-Permissions.png

NTFS Permissions:
pki-ntfs-permissions.png

Everything I have read states that the computer account of the CA needs to have the permissions listed above.  The computer name is XXXX-SUBCA1.  I'm hoping another set of eyes can see what I'm missing.

Thanks for your help.
Nick
LVL 1
ndalmolin_13Asked:
Who is Participating?
 
Abhi PappiTechnical Lead - Network SupportCommented:
Hi,

Do the CA server has NTFS & Share WRITE permission on the CertEnroll (C:\windows\system32\certsrv\certenrol) folder?

Also refer, it may help:-https://technet.microsoft.com/en-us/library/cc772603(WS.10).aspx

Thanks,
0
 
ndalmolin_13Author Commented:
I look good on the share and NTFS permissions on the certenroll folder (screen shots below);

certenrol-share.png

Certenrol-NTFS.png
I will read through the link you provided.

Thanks for your help.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.