Hello Sebastian Cerazy,
Thank you for posting in Q&A forum.
A 401 typically indicates an issue with authentication settings or permissions. Here are some steps to troubleshoot this issue:
- Check IIS Authentication Settings, ensure that Anonymous Authentication is enabled and other authentication methods such as Active Directory Client Certificate Authentication are disabled.
- The CA Web Enrollment pages require HTTPS. Ensure that an appropriate SSL certificate is installed on the web server hosting the CA Web Enrollment pages
- Check the permissions on the CA by opening the Certification Authority console, right-clicking the CA, and selecting Properties. Go to the Security tab and verify the permissions.
- If the CA Web Enrollment role is hosted on a server other than the CA server, ensure that constrained delegation for Kerberos is enabled on the computer account of the server hosting the CAWE role.
- Check the Event Viewer on the CA and the web server for any related error messages. Look under Windows Logs > Application and System for any relevant entries.
References:
Microsoft CA - Certificate Authority Web Enrollment Access Issue
Enable HTTPS Certificate Authority for Web Enrollment
I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.