Hello
I am trying to establish in virtual test environment PKI in 2008 R2 and now I'm stuck so I need your help and advice for further steps. I've installed standalone root CA with CA role (it will be later offline, it is 2008 R2 standard). Also installed one DC and one issueing CA - enterprise subordinate CA (on 2008 R2 enterprise). When adding ent.subordinate CA role I've put option for Request Ceritficate to save into file.
As Guide I've used Windows Server 2008 Active Directory Certificate Services Step-By-Step guide from
I've got as far as sending the certificate to the offline ROOT, the ROOT has issued it, but when I try to get this certificate back into the subordinate, I get the following error:
"Cannot find the sertificate for CN=ROOT-CA to build a certificate chain. Do you wish to install this certificate now ? A certificate chain could not be built to a trusted root authority. 0x800b010a (-2146762486)."
So I'm having problems importing the issued certificate from the CAROOT.
Can Anybody offer some assistance?