Skip to main content

How can we help you?

Druva Documentation

How to install Active Directory Certificate Services on Windows 2012

License editions: To understand the applicable license editions, see Plans & Pricing.

Overview

This topic describes the steps to install the Active Directory Certificate Services (AD CS) on Windows 2012.

Procedure

To install Active Directory Certificate Services on Windows 2012

  1. Open Server Manager.
  2. Go to Manage > Add Roles and Features. Add Roles and Features Wizard appears on the page.
  3. On the Before you begin wizard page, verify that your destination server and network environment are prepared for the role and feature you want to install. Click Next.
    Wizard_page1.png
  4. On the Select installation type page, select Role-based or feature-based installation to install all parts of roles or features on a single server. Click Next.
    Wizard_page2.png
  5. On the Select destination server page, select a server from the server pool list. Click Next.
    Wizard_page3.png
  6. On the Select server roles page, select Active Directory Certificate Services check box. A window appears on the page to confirm the features that are required for Active Directory Certificate Services, click Add features.
    Wizard_page4.png
    Wizard_page4_confirmation.png
  7. On the Select features page, click Next.
    Wizard_page5.png
  8. On the Select  role services page, select Certification Authority Web Environment to allow users to request certificates using a web browser. You can also select other Role Services as per your requirement. A window appears that shows you the additional services that are required to support the role. Click Add Features to allow these features to be added. Click Next on the wizard.
    Wizard_page5_role_services.png
    Wizard_page5_role_services_confirm.png
  9. On the Web Server Role (IIS) page, click Next.
    Wizard_page6.png
  10. On the Confirm installation selections page, verify the information, and then click Install.
    Confirmation_screen.png
  11. Wait for the installation to complete. When the installation is complete, click the Configure Active Directory Certificate Services on the destination server link.
    Destination_server_link.png
    Note: If you click Close before the installation completes, you can complete the configuration of the role service through a link to complete the configuration in the notifications icon of Server Manager.
  12. On the Credentials page, you can see Administrator is displayed in the Credentials box. Click Next.
    credentials.png
  13. On the Role Services page, select the Certification Authority and Certification Authority for Web Enrollment check boxes. Click Next.
    Role_services.png
  14. On the Setup Type page, select Enterprise CA as the CA type to allow integration with your AD.
    Setup_type.png
  15. On the CA Type page, Root CA is selected by default. Click Next.
    CA_type.png
  16. On the Private Key page, leave the default selection to Create a new private key selected. Click Next.
    Private_key.png
  17. On the Cryptography for CA page,
    1. Select the default cryptographic provider as RSA#Microsoft Software Key Storage Provider.
    2. Select Key length as 2048 or above.
    3. Select SHA1 as the hash algorithm and click Next.
    Cryptography_for_CA.png
  18. On the CA Name page, specify the name of your CA in the Common name for this CA text box.
    CA_name.png
  19. On the Validity Period page, select the number of years for the certificate to be valid.
    Validity_period.png
  20. On the CA Database page, specify the locations for the database and database log files. Click Next.
    CA_database.png
  21. On the Confirmation page, click Configure. Results screen appears after configuration is complete.
    Confirmation.png