AD CS : CertSrv Website “No certificate templates could be found”

AD CS : CertSrv Website “No certificate templates could be found”

Recently I deployed two Windows 2008 R2 Enterprse Subordinate Certificate Authorities, whilst these have been issuing certificates requested through Autoenrollment I noticed today that the web interface for requests wasn’t working properly using https://<caname>/certsrv. When clicking on “‘Request a certificate’, then ‘Create and submit a request to this CA” I would then get the following error message:

“No certificate templates could be found. You do not have permission to request a certificate from this CA, or an error occurred while accessing the Active Directory.”

Aftering digging about it turned out that by this is resolved by using IIS Manager and changing the DefaultAppPool Identity to NetworkService from ApplicationPoolIdentity:

  1. This is available by rt-clicking the DefaultAppPoll under Application Pools and selecting “Advanced Settings..”
  2. Look for the “Identity” value under Process Model and change to NetworkService.
  3. Once completed perform an iisreset on the CA.