This is just about Windows Server CA service related configuration. This helped me to practice certificate involved configuration in firewalls etc. Windows guys know these but to help networking guys carry out their labs, I am sharing what I did to create my CA server.
I am using Windows 2016 Server..
Go to Server Manager > Manage > Add Roles & Features
Next Next Next until you get Server Roles
Tick Active Directory Certificate Services
Again Hit Next Next Next until the following selection page and tick the following four items like I have done.
Then again Next Next Next and Install..
Now after the configuration finished, you can see the following blue highlighted line (Configure Active Directory Certificate Services on the destination server) on the results.
I selected Enterprise CA on the next window, and Root CA on the next window..
Selected Create a new private key on the next window and selected SHA 256 on the Cryptography window (most newer servers prefer this).
Renamed the CA name to WIN-CA just because it is easy to remember and didn't change the other defaults on the following window.
Now I hit only Next Next Next without changing anything until I met Configure button on Confirmation page..
After the configuration succeeded it will ask "Do you want to configure additional role services?" This is just asking you whether you want to configure the 2 items which we skipped on the Role Services window.
Hit Yes..
Hit Next on the optout window and select the remaining 2 items and hit Next..
I selected CA name on the next page and hit Next, selected Windows Integration Authentication on the next window and hit Next again, selected Use the built-in application pool identity on Service Account for CES window.
Again selected Windows Integration Authentication on the next window and hit Next..
Select the Certificate we just created on the next window by clicking on it and hit Next..
Next window will configure them all..
Now the CA services configuration is over..
No comments:
Post a Comment