PKI: Enterprise PKI MMC displays a Subordinated CA as offline
I built a two layer PKI infrastructure and brought an Enterprise PKI MMC to verify the infrastructure health. All is ok but an Issuing CA. That was displayed with Status: ‘Error” and the message was “This CA is currently offline or unavailable”.
At the same time I could right-click it, select manage and it brought a very nice working CA MMC for me. So the CA is up and running and works fine, but for some reasons shown as offline in Enterprise PKI MMC.
Google did not bring too much, but search in Technet Forums gave a clue: https://social.technet.microsoft.com/Forums/en-US/fc8f6eba-447e-4e3f-a833-3b71bb3fc575/enterprise-pkiviewmsc-error-for-new-subca?forum=winserversecurity
I granted all permissions to my Domain Admins (this is Lab, otherwise it would be a custom security group). By default it was Manage CA and Issue and Manage Certificates only.
and restarted the Certificate Services. After that Enterprise PKI became nice and green.