standalone CA - cannot use browser to install certs

  • Thread starter Thread starter Kristin Griffin
  • Start date Start date
K

Kristin Griffin

Hi there.

I have a test lab running - it looks like this:

IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP

IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP

IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web enrollment
installed. I can request certs, and then go to the cert authority on
IPSECCA1, and issue the certs.
Then my clients go to the website, and download the certs, and click the
install button. They say they get installed but they do not. I have to
download them to the local machine and double click them to install them. I
have noticed that the file location is missing when it does not work using
the web site to install the cert.

Anyone have an idea on why this is not working quite right?

Thanks!
Kristin
 
Is the root CA (IPSECCA1) a trusted root CA on the clients?
Brian
"Kristin Griffin" <kristin.l.griffin@gmail.com> wrote in message
news:eroOdLRZIHA.1212@TK2MSFTNGP05.phx.gbl...
> Hi there.
>
> I have a test lab running - it looks like this:
>
> IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP
>
> IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP
>
> IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web enrollment
> installed. I can request certs, and then go to the cert authority on
> IPSECCA1, and issue the certs.
> Then my clients go to the website, and download the certs, and click the
> install button. They say they get installed but they do not. I have to
> download them to the local machine and double click them to install them.
> I have noticed that the file location is missing when it does not work
> using the web site to install the cert.
>
> Anyone have an idea on why this is not working quite right?
>
> Thanks!
> Kristin
>
 
yes, the root CA's certificate is stored in the certificate store (both user
and computer store).

"Brian Komar" <brian.komar@nospam.identit.ca> wrote in message
news:B436BA1A-C64B-4D7C-9D90-0DAD38C6B218@microsoft.com...
> Is the root CA (IPSECCA1) a trusted root CA on the clients?
> Brian
> "Kristin Griffin" <kristin.l.griffin@gmail.com> wrote in message
> news:eroOdLRZIHA.1212@TK2MSFTNGP05.phx.gbl...
>> Hi there.
>>
>> I have a test lab running - it looks like this:
>>
>> IPSECCA1 = the Root CA, standalone, in a workgroup called WORKGROUP
>>
>> IPSECCPC1 and IPSECPC2 vista clients, in WORKGROUP
>>
>> IPSECCA1 is a root CA, running 2008 AD CS, standalone, with web
>> enrollment installed. I can request certs, and then go to the cert
>> authority on IPSECCA1, and issue the certs.
>> Then my clients go to the website, and download the certs, and click the
>> install button. They say they get installed but they do not. I have to
>> download them to the local machine and double click them to install them.
>> I have noticed that the file location is missing when it does not work
>> using the web site to install the cert.
>>
>> Anyone have an idea on why this is not working quite right?
>>
>> Thanks!
>> Kristin
>>
>
 
Back
Top