MCITP 70-640 AD Certificate Services

Hallo,

Ik ben bezig met het boek self trained MCITP. Nu ben ik aangekomen bij het AD CS gedeelte... dit gaat tot op heden goed. Het gebeurd op bladzijde 748. Het is een cursus vd LOI(echter heb ik geen recht op ondersteuning meer,heb de cursus in 2010 aangevraagd,maar gestopt omdat ik te druk met werken werd en ik dus inmiddels weer het boek erbij gepakt heb) Ik weet niet of dit een algemeen boek verder is.

Alleen als ik op een gegeven moment een certificaat installeer krijg ik de volgende error:

THE REVOCATION FUNCTION WAS UNABLE TO CHECK REVOCATION BECAUSE THE REVOCATION SERVER WAS OFFLINE. 0x80092013(-2146885613)

Iemand enig idee hoe dit kan?

Ik zal vd zekerheid in een reply even al de exercises typen,wellicht dat iemand er een fout in ziet,want ik doe alles precies zoals het in het boek staat,echter krijg ik na 5x proberen steeds dezelfde foutmelding. Denk haast dat er misschien een fout instaat dan?

Hier de volledige exercise:

Before you begin:
Server01 = named SERVER01 and should be a domain controller in the contuse.com domain.
Server03 = named SERVER03 and should be a member server within the contoso.com domain.
Server04 = named SERVER04 and should be a member server within the contoso.com domain.

Exercise 1:

1.Log on server03 with the domain administrator account
2.launch server manager
3.right click roles...add roles
4.review before you begin and click next
5.on the select server roles page click AD Certificate Services and click next
6.on the introduction page click next
7.on the select role services page,select certification authority and click next
8.on the specify setup type page, select standalone and click next.
9.on the CA Type page,select Root CA and click next.
10.on the setup private key page, select create a new private key and click next
11.on the configure cryptography for CA page, select the suggested CSP.
12.click next
13.on the configure CA Name page, type Contoso-Root-CA, click next
14.on the set validity period page change the year value to 20 and click next
15.on the configure certificate data base page click next
16.review and click install

exercise 2:
1.log on to server04
2.launch server manager
3.right click roles node and select add roles
on the select server roles page,select AD Certificate Services and click next
4.on the introduction page click next
5.on the select role services page select Certificate authority and online responder click next
6.on the specify setup type page select enterprise
7.on the specify CA Type page select subordinate CA and click next
8.on the setup private key page select create a new private key and select next.
9.on the configure cryptography for CA page accept the defaults and click next.
10.on the configure CA Name page type Contoso-Issuing-CA01 click next
11.on the request certificatte from a parent CA page select save a certificate request to file and manually send it later to a parent CA
12.select certificate request name from the file name field and copy it to the clipboard,using ctrl+c and then click browse and navigate to your documents folder. Paste the name in the file name field using ctrl+v.click save and then click next.
13.on the configure certificate database page click next.
14.review the installation of IIS, and click next
15.on the web server roles page click next.
16.review information and click install


exercise 3:

1.on server04 launch windows explorer and navigate to c drive. Create a new folder and name it "temp".
2.right click the "temp folder" and select share.
3.in the file sharing dialog box ,select everyone and click add
4.in the permission level column assign contributor and click share.
5.copy the certificate request generated from your documents folder to the temp folder.
6.on server03,launch the certificate authority console from the adminstrative tools program group.
7.in the certification authority console right clock the root CA name in the tree pane, select all tasks ,and then choose submit new request.
8.in the open request file dialog box,move to the address bar and type \\server04\temp. when the folder opens ,select the request and then click open.
9.move to the pending request node in the tree pane,right click the pending request in the details pane to choose all tasks and then choose issue.
10.move to the issued certificates in the tree pane, right click the issued certificate in the details pane and choose open.
11.in the certificate dialog box ,choose the details tab and click copy the file at the bottom of the dialog box
12.click next.
13.select the cryptographic message syntax standard - PKCS#7, select include all certificates in the certification path if possible, and click next.
14.in the file to export dialog box ,click browse and save the certificate in the \\server04\temp folder. Name it issuing-CA01.p7b and click save.
15.click next when you return to the wizard.
16.review your settings and click finish
17.click ok when the wizard tells you that the export was successful.
18.return to server04
19.go to server mananger and select Contoso-Issuing-CA01 in the tree pane (Server Manager\Roles\Active Directory Certificate Services\contoso-issuing-ca01)
20.right click contoso-issuing-ca01,select all tasks,and the choose install CA Certificate
21.move to C:\temp folder, select the certificate and click open.
22.this imports the certificate and enables the server.
23.right click the server name,select all tasks and then choose start service.

Hier krijg ik dus de volgende error:THE REVOCATION FUNCTION WAS UNABLE TO CHECK REVOCATION BECAUSE THE REVOCATION SERVER WAS OFFLINE. 0x80092013(-2146885613)

Ik heb het 5 keer geprobeerd met steeds de servers opnieuw te installeren. De tijd staat op alle servers gelijk. Ik weet het echt niet meer,ik kan dus nu ook de volgende opgaves niet verder maken. Ik hoop dat iemand mij helpen kan?

hm 70-410 gaat over Windows Server 2012 zie ik. Kun je daar op dit moment ook al een certificering voor halen?