Today I just wanted to quickly request a certificate via certificate templates, but as it happens. I got the following error message:
No certificate templates were found. You do not have sufficient rights to request a certificate from this certification authority or an error has occurred while accessing the Active Directory.
I have a meaningful error message, but it could have been a bit more precise.
This article on the error message can be found in Technet:
http://support.microsoft.com/kb/811418/en-us
Unfortunately, this didn't help me, as it would have been too easy. Deep in the logs, I finally found clues to access errors. I'll keep it short:
The service for the application pool "DefaultAppPool" was entered incorrectly in the IIS
In the extended properties, the value "Networkservice" must be entered for the "Identity" parameter. This is how it looked before my change:
And so afterwards:
Then quickly restart the IIS with "iisreset" and the certificates will work again.
