+ Reply to Thread
Results 1 to 9 of 9
  1. Member
    Join Date
    Aug 2009
    Posts
    45
    #1

    Default Creating Standalone root and Enterprise Subordinate

    Good day:
    I created a standalone root CA but when i tried creating the enterprise subordinate i get a message that the root ca could not be contacted. The standalone root CA is configured as a workgroup and the subordinate ca is a domain member. They are both on the same subnet and can ping each other. I am new to this, so i really do not know what to do next.

    Thanks.
    Reply With Quote Quote  

  2. SS -->
  3. Junior Member
    Join Date
    Jul 2011
    Posts
    26

    Certifications
    MCITP : EA . MCTS: Exchange 2010, MCSA: Server 2012, CompTIA A+ , Network+, MCTS: 70-680
    #2
    Im new to this as well but is your Root CA online as well?
    Reply With Quote Quote  

  4. CLI Junkie DragonNOA1's Avatar
    Join Date
    Jul 2006
    Location
    Na Pali Haven
    Posts
    148

    Certifications
    A+, Network+, Security+, MCSE:S 2003
    #3
    Quote Originally Posted by thickSkin View Post
    i get a message that the root ca could not be contacted.
    How do they contact each other, with DNS? Are they using the same internal DNS server?
    Reply With Quote Quote  

  5. Virtual Member undomiel's Avatar
    Join Date
    Sep 2007
    Location
    Bellevue, WA
    Posts
    2,813

    Certifications
    MCSA:2008, VCP4/5, CCA (XS), MCITP: EA/VA, MCSE, MCSA, Linux+, Security+, Server+, A+
    #4
    You'll need to save your certificate request and manually submit it to the root CA. Take a look at the tutorial here, it gets pretty in depth on the whole CA configuration process. Designing and Implementing a PKI: Part II Implementation Phases and Certificate Authority Installation - Ask the Directory Services Team - Site Home - TechNet Blogs
    Reply With Quote Quote  

  6. Member
    Join Date
    Aug 2009
    Posts
    45
    #5
    Quote Originally Posted by dhenderson View Post
    Im new to this as well but is your Root CA online as well?
    Yes the Root CA is online
    Reply With Quote Quote  

  7. Member
    Join Date
    Aug 2009
    Posts
    45
    #6
    Quote Originally Posted by DragonNOA1 View Post
    How do they contact each other, with DNS? Are they using the same internal DNS server?
    The DNS server is on the enterprise subordinate. I configured the root CA to use it as it's preferred DNS. I was checking again this morning and i got this message " Please make sure there is a CA running on the computer"
    Last edited by thickSkin; 01-26-2012 at 07:35 PM.
    Reply With Quote Quote  

  8. Member
    Join Date
    Aug 2009
    Posts
    45
    #7
    Quote Originally Posted by undomiel View Post
    You'll need to save your certificate request and manually submit it to the root CA.
    I tried this and it worked. I however got a message saying that the root CA is untrusted.
    Reply With Quote Quote  

  9. CLI Junkie DragonNOA1's Avatar
    Join Date
    Jul 2006
    Location
    Na Pali Haven
    Posts
    148

    Certifications
    A+, Network+, Security+, MCSE:S 2003
    #8
    So how would you go about getting a computer to trust a root CA? Sorry for the questions, just trying to make you think the process through,
    Reply With Quote Quote  

  10. Member
    Join Date
    Aug 2009
    Posts
    45
    #9
    Quote Originally Posted by DragonNOA1 View Post
    So how would you go about getting a computer to trust a root CA? Sorry for the questions, just trying to make you think the process through,
    when i saw the message i immediately knew that there was a problem and i am trying to get it fixed. Just started with a list of what would make it untrusted in the first place and work my way up from there.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks