I have built a two tier 2008 R2 PKI with an offline Root CA and an online issuing CA. The domain is a 2008 funtional level.
From a 2008 IIS server on the same domain, I have tried to Create a "Domain Certificate" so I can implement an internally self signed web server. On the first screen, I am able to enter all the details under "Distinguished Name Properties", but when I go to the next screen, "Online Certificate Authority", the Select button is greyed out next to "specify Online Certifcation Authority" . The only online articles I have found say this indicates that something is wrong with the CA, but not what.
I have checked everything with PKIview and the CA looks healthy. I have also run the BPA for certifcate services and the BPA for DNS and no problems are shown.
I have checked that the certifcate template for Webservers I have created and looks okay and have been able to manually send a web server request to it on the CA and install it on the webserver.
I am also able to successfully autoenrol user and machine certifcates within the domain and use this for 802.1x Wireless authentication.
Any pointers in would be appreciated
Thanks
Iain