i am trying to create a PKI infrastructure on winserver2008R2 enterprise as follows
offline ROOT CA---Standalone
Online Intermediate CA -- enterprise
i performed the ffg on offline RootCA
- create the CA policy policy file and store in windows folder
- install ADCS
- run post installation script
The Certificate Service was successful and saw a green icon in the console
I performed the ffg on online enterprise CA
- create the CA policy policy file and store in windows folder
- install ADCS
- i successfully published the root CA cert and CRL in the local store and AD. i saw the ffg message upon completion
CertUtil: -addstore command completed successfully.
CertUtil: -dsPublish command completed successfully.
- I installed ADCS
PROBLEM: on the intermediate CA: using enterprise PKI view , AIA and CDP location for the RootCA has red crossover " unable to download"but enterprise pki view "manage AD container" indicated the AIA and CDP container had OK for the root CA CDP and AIA. I also I noticed that AD site and service has no indication for ADCS
Any help will be appreciated.
Thanks