Assume the following scenario:
- You try to request a certificate via a Certificate Enrollment Web Service (CEP) from an Active Directory-integrated certification authority (Enterprise Certification Authority).
- The operation fails with the following error message:
Certificate Request Processor: The operation timed out 0x80072ee2 (WinHttp: 12002 ERROR_WINHTTP_TIMEOUT)
The Certificate Enrollment Web Services (Certificate Enrollment Policy Web Service, CEP, and Certificate Enrollment Web Service, CES) enable the automatic request and renewal of certificates from a certification authority via a Web-based interface. This eliminates the need to contact the certification authority directly via Remote Procedure Call (RPC). For a more detailed description, see the article "Certificate request basics via Certificate Enrollment Web Services (CEP, CES)„.
Possible causes can be:
- On the CES, the Internet Information Services (IIS) web page is not started.
- The connection from the client to the CES is blocked by a firewall, which drops the packets without notifying the sender. See also article "Required firewall rules for the Certificate Enrollment Web Service (CES)„.
- On the CES, no exception for HTTPS connections is set up in the Windows firewall.