Assume the following scenario:
- You try to request a certificate via a Certificate Enrollment Web Service (CEP) from an Active Directory-integrated certification authority (Enterprise Certification Authority).
- The operation fails with the following error message:
The operation timed out 0x80072ee2 (INet: 12002 ERROR_INTERNET_TIMEOUT)
The Certificate Enrollment Web Services (Certificate Enrollment Policy Web Service, CEP, and Certificate Enrollment Web Service, CES) enable the automatic request and renewal of certificates from a certification authority via a Web-based interface. This eliminates the need to contact the certification authority directly via Remote Procedure Call (RPC). For a more detailed description, see the article "Certificate request basics via Certificate Enrollment Web Services (CEP, CES)„.
Possible causes can be:
- The CES server is offline.
- The connection from the client to the CES server is prevented by a firewall. See article "Required firewall rules for the Certificate Enrollment Web Service (CES)„.
- The certification authority takes too long to respond, e.g. if there are problems with the hardware security module (HSM).
- The Internet Information Services (IIS) application pool on the CES server needs some loading time after restarting the web server service, which can also lead to a timeout on slow host systems - so it is best to try a second time.