Installation Certificate Authority on Windows Server 2016 DC Guide
4. Click Next To Continue.
6. Click on Install To Process Installation of CA Authority Feature.
7. Click on Close Once Installation Is Complete.
8. To Configure Active Directory Certificate Services to review the installation status.
9. Select Next To Specify credential to configure role services.
10. Select Certificate Authority and Certification Authority Web Enrollment
13. Select Create a New Private key and Click Next.
14. Select RSA 256 – Keep Default with 2048 key Character length
Please note SHA256 as SHA1 is deprecated
To Upgrade your existing internal CA –
*download Digicert Certutil.
15. Keep all Common Name, Distinguished name Suffix, Preview DN default, Click Next
16.By Default Certificate is valid for 5 years , Don’t make any changes on it , Click next
17. Keep Certificate database location and log location default. and Click Next.
18. Review Configuration Summary Page and Click Configure.
18. This should complete the CA Certificate Server. -Click Close
19. Set 443 or Secure Socket Layer protocol for Certsrv Web.
Let us see how to Request a Create a Simple Cert from Internal Certificate Authority
Now if you Open IIS Manager, you will see “CertSrv” a Virtual Directory Created,
20. If you don’t see a “Browse *.443(https) , It means binding is not there.
To add binding – Right Click on Default Web Site – Click on Edit Bindings
21. Click on add HTTPS – 443 – Choose the CA Cert
SSL Certificate :
Now you can see 443 in your website.
Now CA Authority Server Installation and Configuration Is complete.
22. Validate CA Certificate Home Page is working.. Go to https://localhost/certsrv or IP/FQDN Where CA Certificate Server is installed at.