We have Enterprise CA with Certificate Enrollment Policy Web Service and Certificate Enrollment Web Service on same domain computer.
When I configure Enrollment policy on non-domain computers by adding exist Certificate Enrollment Policy Server:
mmc->Certificates(local computer)->Personal-Manage Enrollment Policy, all looks fine. But when I do requestNew Certificate -> Select Certificate Enrollment Policy appears window with empty list and message:
Certificate types are not available.You cannot request a certificate at this time because no certificate types are available. From domain computers all works fine, I can choose templates from the list and can do command:
certutil -config "DomainComp\CAname" -ping.
from non-domain computers I can't do certutil -ping:
...Connecting to DomainComp\CAname ...
Server could not be reached: The RPC server is unavailable. 0x800706ba
↧
Non-domain computer request certificate
↧