Active Directory Configuration › How to Add the Active Directory Certification Role to Active Directory

How to Add the Active Directory Certification Role to Active Directory

Follow these steps:

1. Log in to the Active Directory Domain Controller as the Domain Administrator
2. Open the Server Manager.

   

3. Right-click the Computer icon and select Manage.
4. Expand Server Manager, select Roles, and click Add Roles.

   The Add Roles page opens.

   

5. Click Next.

   The Select Server Roles page opens.

   

6. Select Active Directory Certificate Services, and click Next.

   The Introduction to Active Directory Certificate Services page opens informing you about the services.

7. Click Next.

   The Select Role Services page opens.

   

8. Select Certification Authority, and click Next.

   The Specify Setup Type page opens.

   

9. Select Enterprise, and click Next.

   The Specify CA Type page opens.

   

10. Select Root CA, and click Next.

    The Set Up Private Key page opens.

    

11. Select Create a new private key, and click Next.

    

12. Complete the following fields:
    • Select RSA#Microsoft Software Key Storage Provider from the CSP drop-down list.
    • Select 2048 from the Key character length drop-down list.
    • Select SHA1 as the hash algorithm for signing certificates.
    • Ensure the check box Allow administrator interaction when the private key is accessed by the CA is clear.
    • Click Next.

    The Configure CA Name page opens.

    

13. Complete the following fields:
    • Enter a name in the Common name for this CA field.
    • Enter a suffix to the name in the Distinguished name suffix field.
    • Preview the name in the Preview of distinguished name field.
14. Click Next.

    The Set Validity Period page opens.

    

15. Set the validity period, and click Next.

    

16. Complete the following fields:
    • Verify or change the Certificate database location.
    • Verify or change the Certificate database log location.
    • Click Next.

    The Confirm Installation Selections page opens.

    

17. Verify the Active Directory Certificate Services setup, and click Install.

    The Installation Results page opens.

    

18. Verify that the installation has succeeded.
19. Click Close to close the Add Role Wizard.
20. Verify that the Server Manager now has an Active Directory Certificate Role.
21. Close the Server Manager.

    You have successfully added the active directory certification role to the Active Directory.