Jump to content


Sign in to follow this  
jamitupya

Guide: Installing Active Directory Certificate Services

Recommended Posts

This guide WILL give you a basic run down of howto setup a Trusted Certificate Server in your LAB Environment.

This guide will NOT provide specific information outside of the sample data on management of the certificates.

This guide assumes that you have first setup Windows Server2008 and configured it for Active Directory.

In a productionenvironment please consult Technet for best practices, see below links:

Active DirectoryCertificate Services Overview (AD CS Win2008+)

CertificateServices Overview

CertificateServers Best Practices: Public Key

Installation of Active DirectoryCertificate Services:

Log onto your Domain controller you wish touse as a CA

 

Start "Server Manager"

 

2009-12-08_170117.jpg

 

 

Select "Add Role"

 

 

2009-12-08_170118.jpg

 

Click Next

 

 

2009-12-08_170119.jpg

 

Select "Active Director Certificate Services" Click Next

 

 

2009-12-08_170155.jpg

 

Select "Certification Authority", "Certification Authority Web Enrolment" and "Certificate Enrolment Policy Web Service" Click Next

 

 

2009-12-08_170205.jpg

 

Select Enterprise and Click Next

 

 

2009-12-08_170212.jpg

 

Select "Root CA" and click Next

 

2009-12-08_170221.jpg

 

Select "Create a new Private Key" and Click Next

 

 

2009-12-08_170239.jpg

 

Leave as Defaults (or above settings) and Click Next

 

 

2009-12-08_170317.jpg

 

Configure your CA name as you see fit, Keep in mind that this is the "name" users will see when registering against this Certificate Authority Store.

 

Click Next

 

2009-12-08_170324.jpg

 

Select your time for the certificates to be valid (default is 5years) and Click Next

 

 

2009-12-08_170333.jpg

 

Click Next

 

 

2009-12-08_170401.jpg

 

Select Windows Integrated Authentication and Click Next

 

 

2009-12-08_170518.jpg

 

Select Choose and Assign a Certificate for SSL Later and Click Next

 

 

2009-12-08_170528.jpg

 

Click Install

 

 

2009-12-08_170535.jpg

 

installing ........

 

 

2009-12-08_170738.jpg

 

Click Close

 

Finished PART 1

 

 

<div><br></div><div><br></div><div><br></div>

Share this post


Link to post
Share on other sites


yeah now i think of it that was on an r2 DC.....the roles handle the same mostly, just the friendly name in the selections have changed....

 

will confirm next week....

 

let us know if you have difficulties, we're all happy to assist

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...