When I would try to request a certificate from a CA through the /certsrv site I would receive an error message stating that "An unexpected error has occurred".
I found two error messages in the event logs on the CA.
Source: CertSvc
Event ID: 86
Description:
Certificate Services could not use the provider specified in the registry for encryption keys. Access is denied. 0x80070005 (WIN32: 5)
Source: CertSvc
Event ID: 87
Description:
Certificate Services could not use the default provider for encryption keys. Keyset does not exist 0x80090016 (-2146893802)
To resolve the issue I followed recommendations from this article:
http://support.microsoft.com/kb/908572/en-us
CAUSE
This issue occurs if the administrator who tries to create the certificate request does not have Full Control permissions on the files and the subfolders in the following folder:
\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
RESOLUTION
To resolve this issue, grant the administrator account Full Control on all files and subfolders in the MachineKeys folder. To do this, follow these steps:
1. Click Start, click Run, type "\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\", and then click OK.
2. Right-click MachineKeys, and then click Properties.
3. On the Security tab, click Administrator or click the administrator group account you want, click to select the check box to enable Full Control permissions, and then click OK.