[Solved] The certificate’s template doesn’t show up for web enrollment

A few days ago I wanted to manually enroll a certificate for a computer of another forest through web enrollment.
However, the certificate didn’t show up among other certificates for web enrollment.

wp-image-375573038

First of all, I verified that my account had as least Read and Enroll permissions.

wp-image-155958422

This is usually where you have to go because basically a computer template has mainly only permissions for computers, and, except if you are a member of Domain Admin or Enterprise Admins, you won’t be able to see and enroll the certificate.

However, I am a domain admin but still not able to see the template appearing in the list for web enrollment.
And moreover, other templates showed up in the list.
Thus I decided to create a copy of one of these templates showing up and apply setting by setting, the same settings as the one not showing up.
And finally, the winner was: the subject name.

Subject name settings

I selected Build from this Active Directory information, and that’s why the template didn’t show up for web enrollment.
As soon as I selected Supply in the request, the certificate appeared in the list.

Please note: if you change a template’s settings you have to unpublish and then publish it again in order to have the new settings to be applied.

Update

There is another case where the template does not show up: when it is not compatible with the version of the computer requesting it.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s