Active Directory Certificate Services – Configuration

If you are working with Active Directory in any enterprise type environment, more than likely the environment will also have Certificate Services deployed. Working with System Center, there are various uses of Certificate Services for the different components in the suite.

So, if you wanted to mimic an enterprise environment in your lab, you will need to first install Active Directory so that a domain will exist, and then you will need to install the Certificate Services role/feature. Once Certificate Services is installed though, you will still need to configure it before being able to work with it.

Start by launching the Active Directory Certificate Services (AD CS) Configuration Wizard.

On the Credentials page, supply appropriate credentials and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On the Role Services page, select Certification Authority and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On the Setup Type page, select Enterprise CA and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On the Specify CA Type page, select Root CA and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On the Set Up Private Key page select Create a new private key and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

Leave the defaults on the Configure Cryptography for CA page, and then click Next.

  • Important: CSP, Hash Algorithm and Key length must be selected to meet application compatibility requirements.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On Configure CA Name page, enter Domain Root CA (ex. SC LAB Root CA) in the Common name for this CA field, and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On Set Validity Period page enter 10 Years, then select Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

Keep the default on the Configure Certificate Database page, and then click Next.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

On the Confirmation page, click Configure.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

Review the information on the Results page to verify that the installation is successful and then click Close.

ad-cs-configuration-01 Active Directory Certificate Services - Configuration

You now have Active Directory Certificate Services installed.

Here is a video walk through:

)

%d bloggers like this: