The basic issue I am having is that I cannot create a certificate template. We have a Windows 2008 Enterprise CA environment. The servers that are hosting the certificate authorities are all running Windows 2008 ServerStandard edition. I have figured out that with Standard edition, you cannot create v2 or v3 templates. I have spent several days attempting to create a useable template without success. If I try to duplicate a version 1 template, it seems to only allow the duplicated template to be at least a version 2. Unfortunately it seems none of the existing Version 1 templates meet the criteria for SCOM certificate usage.
I did try an approach that didn't need a certificate template, but I get this error once I successfully imported this onto one of our DMZ servers:
The specified certificate could not be loaded because the Key Usage specified does not meet OpsMgr requirements. The certificate must have the following usage types:
Digital Signature
Key Encipherment
This did not make sense to me but I'm no expert with this. I did use the procedure for a Stand Alone CA, rather than the Enterprise CA. So I'm assuming it didn't like that.
Any ideas would be greatly appreciated.