List of Certificate Templates seems to be refreshed periodically. If ADCS is inactive (no certificate is issued) for approx. 15-20 minutes it takes a long time (20-25s) refresh the list of Certificate Templates from DC. (It is equivalent
to the process of displaying certificate templates in: mmc console –> module certification authority –> folder Certificate Templates)
- Until the Certificate Template list is downloaded it is not possible to issue a certificate, so this behavior add unacceptable delay to whole certificate issuance process.
- The error was observed in both Windows Server 2012R2 and 2016 versions.
- Any repeated request (which is sent after the Certificate Templates are refreshed) is processed immediately (overall delay <1s)
- After 15-20 minutes of ADCS inactivity (no certificate is issued) the situation with 20s delay repeats.
Is this by design ?
Can we control the behavior and delay time?