We are trying to migrate our Certificate Services from a
third party to in house.  I have created the following
hierarchy:

RootCA
|
SubCA
|
Website with issued
certificate from SubCA


Now I think everything is setup correctly, I have the Root
Certificate installed on the server and the Root
Certificate is part of the IIS CTL list (this is IIS 5.0
on Windows 2000).  Problem is that when the client
retrieves a Certificate from the SubCA then attempts to
navigate to the Website requiring client certificates,
they get a Blank List of Certificates to choose from.

Has anyone encountered this and know how to fix it?  Any
suggestions welcome, thanks in advance.

-Brian

[ Post a follow-up to this message ]

The client needs the Root CA cert installed.

"Brian" <anonymous@discussions.microsoft.com> wrote in message
 news:132d601c3f703$0a5e7170$a601280a@phx
.gbl...
> We are trying to migrate our Certificate Services from a
> third party to in house.  I have created the following
> hierarchy:
>
> RootCA
>   |
> SubCA
>   |
> Website with issued
> certificate from SubCA
>
>
> Now I think everything is setup correctly, I have the Root
> Certificate installed on the server and the Root
> Certificate is part of the IIS CTL list (this is IIS 5.0
> on Windows 2000).  Problem is that when the client
> retrieves a Certificate from the SubCA then attempts to
> navigate to the Website requiring client certificates,
> they get a Blank List of Certificates to choose from.
>
> Has anyone encountered this and know how to fix it?  Any
> suggestions welcome, thanks in advance.
>
> -Brian

[ Post a follow-up to this message ]