Technically, it is possible to install an enterprise CA on a Windows Server Standard edition. With this configuration, enterprise features of the certification authority are intentionally not available.
To enable the CA enterprise features, it is required to upgrade a Windows Server from Standard to Enterprise edition. To keep the existing enterprise CA configuration, it is recommended to just perform a Windows inplace upgrade. If you do this on a Windows Server 2008 you will recognize that only V1 certificate templates are available for assigning after the upgrade was performed.
To fix the problem, close the Certificate Services MMC snap-in and run the following commands with administrator permissions at a command-line on the CA computer:
certutil -setreg ca\setupstatus +512
net stop certsvc
net start certsvc
When you re-open the Certificate Services MMC snap-in, you are able to assign V1, V2 and V3 certificate templates to the certification authority.
[February 3, 2009 update] An official Microsoft Knowledgebase article is published under http://support.microsoft.com/kb/967332.
PingBack from http://virdep.wordpress.com/2009/02/14/certificate-templates-cant-be-issued-after-an-implace-upgrade-of-windows-2008-to-the-enterprise-edition/
When I run the certutil command above the registry value changes, but when I restart the certsvc service, the registry value is reverted back to the old value again.
Anyone else had this problem? It is (now) an Enterprise-verion of Windows 2008 R2, used to be a Standard 2003.