Just as with the offline Root CA, deploying Certificate Services on Windows Server 2012 R2 is simple – open Server Manager, open the Add Roles and Features wizard and choose Active Directory Certificate Services under Server Roles. The following steps are taken on a virtual machine running Windows Server 2012 R2 with all current updates as an Active Directory domain member. Active Directory Certificate Services Overviewĭeploying an Enterprise Subordinate Certificate Authority.
![active directory domain services configuration wizard active directory domain services configuration wizard](https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/images/jj574166.38df8e77-4d91-48bc-a1a6-01e4002c7035(ws.11).jpeg)
For more in-depth reading, here is a list of recommended articles: Further ReadingĪs in my last article, my intention is to not go into detail, rather I’m looking to document a set of recommended steps to get an Enterprise Certificate Authority up and running successfully. Remember, this means that you won’t be installing an Enterprise CA in an environment using Azure Active Directory Domain Services because you won’t have rights. To deploy an Enterprise Certificate Authority you’ll need to be installing certificate services as a member of the Enterprise Admins group, or have permissions delegated to your account.
#ACTIVE DIRECTORY DOMAIN SERVICES CONFIGURATION WIZARD HOW TO#
This article will continue the process and show how to install and configure a Subordinate Certificate Authority that will be used to issue certificates to users and devices. In the last article, I documented the steps for deploying an offline Root Certificate Authority on Windows Server 2012 R2.