I was building Enterprise Root CA in my lab and was in rush so ofcourse, I did not read the fabulous manual and went forward with installing the Enterprise Root CA without installing IIS. I did know IIS is needed for web enrollment but did not care to check if it was already installed. It sure wasn’t.

So the Root CA was installed but I could not request certificates using web enrollment.

I went ahead and installed IIS and enabled ASP after the fact but web enrollment still wasn’t going to work as the virtual directories for web enrollment were missing as expected. Only if I had read RTFM.

What can I do now? How big of an issue this is going to be for me? luckily not any bigger than issuing a command “certutil –vroot”. As long as IIS was installed correctly, the command creates necessary, checks if ASP is enabled and warns you if not. That’s it for fixing the problem I created for myself. Thanks fabulous programmers at Microsoft to make products work for those who don’t read the fabulous manuals without real headache of reinstall.

Off to my next task…