locked
Web Server Certificate Issue RRS feed

  • Question

  • I'm following the steps at http://technet.microsoft.com/en-us/library/gg682023.aspx#BKMK_webserver2008_cm2012 to create the web server certificate template.  However, when I reach step 12 the new template I created doesn't show up in the list of templates to issue.  The member server running CA was just upgraded to Enterprise 2008.  It's been over an hour since I created the template so I don't think it's a DC replication issue.  Any suggestions.  Thanks.

    Stephen

    Wednesday, May 2, 2012 2:55 PM

Answers

  • Can you check whats special on those templates? Any special permissions? Try and create a template same as the one that does show up.
    Wednesday, May 2, 2012 9:06 PM

All replies

  • Hey sjmurdock,

    According to this blog post http://myitforum.com/cs2/blogs/jsandys/archive/2008/07/29/ack-where-are-my-certificate-templates.aspx it says

    "the template must first replicate to every DC in your forest before it is available"

    Can you please verify the replication is done?

    -Moiz

    Wednesday, May 2, 2012 4:23 PM
  • I don't see any relevant erros in the Directory Services log viewer.  Is there another place I should be looking to verify replication is done?
    Wednesday, May 2, 2012 8:13 PM
  • I also just ran repadmin /replsummary and it doesn't show anything as failed.
    Wednesday, May 2, 2012 8:16 PM
  • Can you please create another cert template and verify if it is available to issue?

    If yes, then try and recreate the SCCM template and check whether it is available to issue.

    If no, then there are some other CA related issues.

    Thanks,

    Moiz

    Wednesday, May 2, 2012 8:31 PM
  • Yeah, I had tried that as well.  Actually out of the 35 templates, only 15 of them show in the Enable Certificate Templates window.  I guess I'll have to do some more digging into CA.
    Wednesday, May 2, 2012 8:36 PM
  • Can you check whats special on those templates? Any special permissions? Try and create a template same as the one that does show up.
    Wednesday, May 2, 2012 9:06 PM