I can't say for sure if this is your issue, but I can tell you from some (painful) first hand experience, that ADCS Connector, or more specifically, IIS, is VERY particular about the certificates that are in the Root Certification Authority directory in the cert store. Any certs in there have to be self signed, meaning the Issued to and Issued by values must match. If you think about it, that Root Cert store contains the certs that act as authority for other intermediate certificates, so it makes sense that they must have self trust and not be dependent on another issuer.
So I guess what I'm saying is, your error is indicating a certificate trust issue. I would take a look at the certs in that Root Certification Authority and see if any of them are not self signed.
There's a Powershell command you can run as well that will help you determine if any certs in that location are at fault. I'll dig it up and post it here. It's been posted on some other threads here as well if you search around on ADCS.
Edit: In case you wanted to test out the cert issue, here is the PS command you can run
Get-Childitem cert:\LocalMachine\root -Recurse | Where-Object {$_.Issuer -ne $_.Subject} | Format-List * | Out-File "c:\computer_filtered.txt"
The output file should be blank. If anything appears in it, it means it's a non Self-Signed cert and should be dealt with.
