troubleshooting Question

Certificate Services AIA Location error

Avatar of Paul Walsh
Paul Walsh asked on
Windows 10AzureWindows Server 2016* certificate services
5 Comments1 Solution31 ViewsLast Modified:
Hi All,

I am setting up a 2 tier PKI environemnt with two server core 2016 servers following this guide. https://www.petenetlive.com/KB/Article/0001312

I have more or less got it up and running but I am hitting a snag with the AIA location for the offline ROOTCA. Within pkiview (from the management pc) it tells me it cannot download the file: ////TEST-ROOTCA_TEST-ROOTCA-CA.crt

Within the extensions tab the AIA has the following locations:

C:\Windows\system32\CertSrv\CertEnroll\<ServerDNSName>_<CaName><Certificate Name>.crt
ldap:///CN=<CATruncatedName><CN=AIA,CN=Public Key Services,CN=services,<ConfigurationContainer><CAObjectClass>
http://pki.test.local/CertEnroll/<ServerDNSName>_<CAName><CertificateName.crt>

However If i navigate to the Certenroll folder on the root server I can see the cert in there. I have attached snippets of a few screnngrabs showing the error, and the settings / troublseome cert.

What am i missing?

Thankyou,
Paul
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 5 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 5 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros