Verify OCSP Status - Error

[EduPin]

Hi!

Let's start this with a disclaimer: I'm a complete noob in AD. I need an AD to test something else and I've followed step by step the configuration in this guide:

https://mjcb.io/blog/2020/03/09/certificate-authority-windows-server-2019-part-4/

Everything was going very smoothly until I reached "4.7 Verify OCSP Status" and the status of the Enterprise PKI Console was "Error". I've tried to fix it by revoking the CA Exchange Certificate (and maybe something else, I can't remember!) but somehow I think I made the problem even worse (see image attached).

Can you please help me out? Many thanks in advance!

Ed

[anyweb]

did you try contacting the author of that guide ? clearly it cannot download something, have you tried downloading/verifying the url it's referencing ?

I'd also recommend you follow my guides instead, they work every time 🙂

Setting up PKI

• Part 1 - Introduction and server setup
• Part 2 - Install and do initial configuration on the Standalone Offline Root CA
• Part 3 - Prepare the HTTP Web server for CDP and AIA Publication
• Part 4 - Post configuration on the Standalone Offline Root CA
• Part 5 - Installing the Enterprise Issuing CA
• Part 6 - Perform post installation tasks on the Issuing CA
• Part 7 - Install and configure the OCSP Responder role service
• Part 8 - Configure AutoEnroll and Verify PKI health

[EduPin]

Your guides look amazing! I'll make sure I'll follow them next time I have to go through this (excruciating) procedure but please don't tell me that I should start all over again!!

[anyweb]

whether you start again or not is up to you, are you doing this in a lab ? did you take snapshots/checkpoints ?

did you see my comment about what the actual error referred to...