You have a Windows Server 2008 R2 Enterprise Root CA . Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA .
You need to allow users to request certificates from a Web interface. You install the Active Directory Certificate Services (AD CS) server role.
What should you do next()