Tag Archives: iis

Certificate enrollment policy server URI format

If you try to request a certificate from non-domain joined machine using the certificates snap-in (CertMgr.msc) then you need to install on the server hosting your Certificate Authority the following components:

(maybe you need just one of them but I’ve installed both)

and then enter its URI in the following format:

https://<FQDN>/ADPolicyProvider_CEP_Kerberos/service.svc/CEP