This seems to be a common problem, but without a common solution. I have stood up a Server 2008 R2 SP1 member server in my domain and installed the certificate services and web enrollment components. Auto enrollment works fine, but the web enrollment portion is giving me the error that no certificate templates could be found. This is an Enterprise CA and we have created custom templates for about half of our active templates, but none of the templates appear to be visible to the web enrollment process. I need to issue certificates to systems that are in a different domain, and I cannot find a way to do that with out the web enrollment service. Does the Web enrollment process require special configuration to get it to work?
I have tried changing application pools so I could change to the Network service, and I have tried adding security settings to give the CA computer account read / enroll permissions on a template or two. It does not seem to matter how the template subject matter tab is configured either.
Any help would be appreciated.