Missing certificate templates while requesting certificate from MMC Certificates snap-in

I’ve noticed that I’ve gotten a lot of calls in the past from clients about missing certificate templates while trying to use the MMC Certificates snap-in to request a new certificate so I decided to write this short post so I can point clients or coworkers to it in the future.

Problem

You attempt to use the Certificates snap-in to request a new certificate:

… but notice that the list displayed under the Active Directory Enrollment Policy in the Request Certificates step of the Certificate Enrollment process does not list all of the certificate templates as being available:

Solution

The reason why certain certificates aren’t listed in the list is because the Authenticated Users does not have Enroll permissions log onto your certificate authority, open the Certificate Authority administration console, right click on Certificates Templates and click on Manage:

Within the list of templates that are displayed, select the template you would like to be available and open the properties.  For this example, we’ll use the Web Server Exportable template:

Navigate to the Security tab and notice how the Authenticated Users does not have the Enroll permissions:

**Note that it’s also important to note is that my account Terence had enroll permissions but the Certificate MMC Snap-in appears to authenticate with Authenticated Users.

Proceed with adding the Enroll permissions to Authenticated Users:

Now when you use the certificates snap-in to request a certificate, you should see the template listed: