I am setting up an RA and a Subordinate CA who is also an AD.
I can issue certs through certutil and the mmc snap-in with no problem.
But when I try using Web Enrollment in the RA, it fails saying "The RPC server is unavailable. 0x800706ba (WIN32: 1722)"
This is what the webpage shows:
Modo de solicitud:
newreq - Nueva solicitud
Disposición:
(nunca establecido)
Disposición de mensaje:
(ninguno)
Resultado:
El servidor RPC no está disponible. 0x800706ba (WIN32: 1722)
Información de error de COM :
CCertRequest::Submit: El servidor RPC no está disponible. 0x800706ba (WIN32: 1722)
último estado:
La operación se ha completado correctamente. 0x0 (WIN32: 0)
Causa sugerida:
Es posible que este error se produzca si el Servicio de entidad de certificación no ha sido iniciado.
Following this guide did not help to troubleshoot the problem: http://blogs.technet.com/b/askds/archive/2007/11/06/how-to-troubleshoot-certificate-enrollment-in-the-mmc-certificate-snap-in.aspx
I can certutil -ping -config "XXX.ca.loc\CA" the CA from the RA successfully so apparently it's not a network problem.
I have even given the User Template permisions to "Everybody" in case it was a security problem but no luck.
How can I fix this issue so that the Web Enrollment form the RA works?
Thanks!
Best Answer
Fix for me was the computer object for the Web Enrollment service needed to be trusted for delegation. https://blogs.technet.microsoft.com/askds/2009/04/22/how-to-configure-the-windows-server-2008-ca-web-enrollment-proxy/