Upload
othmane16
View
83
Download
0
Embed Size (px)
Citation preview
1 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
This process will explain you how to make step by step with GUI.
We supposing: - You installed Microsoft Windows Server 2008 - You have an account with the local Administrator right
For more security: - The server doesn’t must be in the active directory. - The server must be offline after the subordinate CA are installed and configured.
Step 0: Server Manager
Launch Server Manager and click “Add Roles”
Step 1: Add Roles Wizard – Before You Begin
Click Next
2 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 2: Add Roles Wizard – Select Server Roles
Check “Active Directory Certificate Services” and
click Next
Step 3: Add Roles Wizard – Introduction to Active Directory Certificate Services
Click Next
3 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 4: Add Roles Wizard – Select Role Services
Check “Certification Authority” and
“Certification Authority Web Enrollment”
Click Next
Step 5: Add Roles Wizard – Add role services and features required for CAWE
click “Add Required Role Services”
Step 6: Add Roles Wizard – Select Role Services
Click Next
4 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 7: Add Roles Wizard – Specify Setup Type
You can install only Standalone type because
the server is not in the Active Directory.
Click Next
Step 8: Add Roles Wizard – Specify CA Type
Select Root CA
and click Next
5 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 9: Add Roles Wizard – Set Up Private Key
If this is a new CA and you have not a private key for this one select “Create a
new private key”
If you have a private key from a CA on Internet for
this server select “Use existing private key”
And click Next
Step 10: Add Roles Wizard – Configure Cryptography for CA
Click Next
6 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 11: Add Roles Wizard – Configure CA Name
Enter a Common name for this CA and click Next
Step 12: Add Roles Wizard – Set Validity Period
Select validity period for the certificate generated for this
CA
Select 10 years or more
And click Next
7 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 13: Add Roles Wizard – Configure Certificate Database
You can change path for certificate database and for
the log
And click Next
Step 14: Add Roles Wizard – Web Server (IIS)
Click Next
8 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 15: Add Roles Wizard – Select Role Services
Click Next
Step 16: Add Roles Wizard – Confirm Installation Selections
Click Install
9 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 17: Add Roles Wizard – Installation Progress
Wait…
Step 18: Add Roles Wizard – Installation Results
In results you must show Installation succeeded two
times
And click Close
10 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 19: Server Manager
Restart the server
Step 20: Server Manager – Active Directory Certificate Services
In Server Manager click right on CA Name and click
properties
Step 21: LH-CAROOT-CA Properties
In Extensions tab select the line file://<ServerDNS....
And click on Remove
11 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 22: LH-CAROOT-CA Properties – Confirm removal
Click Yes
Step 23: LH-CAROOT-CA Properties
In Select extension choose Authority Information
Access (AIA), select the line file://<ServerDNSName...
And click Remove
Step 24: LH-CAROOT-CA Properties
Click OK
12 / 12 How to install the role ADCS for CA Root Standalone
20
09
-1
1-
05
Tony BAUDEL Microsoft Windows Server 2008
v. 1.0
Step 25: LH-CAROOT-CA Properties – Certification Authority
Click Yes
END