Has anyone used a custom CAPolicy.inf with MS Certificate Services to issue certs to the CAM/CAS? I used a stock CAPolicy.inf with the key length changed to 2048 (see below). The certs issued are valid, the CAS/CAM will install them but the CAM can no longer talk to the CAS. I get this error on the CAM:
Could not connect to the Clean Access Server. This could be due to your network, ssl/authorization or shared secret settings. If use remove the CAPolicy.inf and use all MS defaults things work again. Does anyone have a working CAPolicy.inf file that they've used with 4.1.6? Here's the content of my current CAPolicy.inf. [Version] Signature= "$Windows NT$" [Certsrv_Server] RenewalKeyLength=2048 RenewalValidityPeriod=Years RenewalValidityPeriodUnits=20 [CRLDistributionPoint] [AuthorityInformationAccess] -- Shane
