Need to improve error handling:

1) error codes need to be consistent.
Need to document all error codes.
Some error codes are negative and some cases are positive.
Sometimes windows errors are masked instead of reported.

2) errors can be more helpful, to give specific instruction in common
cases (e.g SSL cert name mismatch, and trust issues.

3) it may be appropriate for some errors to be reported to the enrollee.
for others, it may not

4) some failures should be reported at the failure level, so that windows
event logger (and 3rd party tools) will flag them appropriately.

5) If the CA refuses to issue the certificate, it will be returned in the
HTML response. We should parse and log this (and discard most of the rest of
the response.

6) I need to fill in the disposition code and disposition message appropriately.