Certificate Templates are used by Enterprise Certification Authorities (CA) to define the purpose and content of certificates that can be issued to a requesting entity like user, computer or network service.
In this exercise, you will first install AD Certificate Services and its required components and later customize the certificate template properties.
To get more information about managing certificate templates, please refer to your course material or use your preferred search engine to research this topic in more detail.
Task 1 - Add AD Certificate Services and Certificate Web Enrollment Services
Typically, in a corporate network a dedicated server is set aside to handle certificate issuance and management to requesting users, computers or network service. In this task, you will add AD Certificate Services (AD CS) and Certificate Authority Web Enrollment Services on the PLABDM01 server.
To add AD CS and Certificate Web Enrollment, perform the following steps:
Step 1
Ensure you have powered on the required devices indicated in the Introduction.
Connect to the PLABDM01.
In the Server Manager > Dashboard window, click on the Tools menu and select Windows PowerShell.
Step 2
Please note that Windows PowerShell commands are not case-sensitive.
In the Windows PowerShell window, to add Active Directory Certificate Services and Certification Authority Web Enrollment features, type the following command:
Please wait while installation of the selected Windows features is in progress. This will take a few minutes.
Important: You may notice a bit of a time lag about 2 minutes as the features are being installed. Installation may seem to have frozen or stopped processing. Should this happen, click inside the Windows PowerShell window and press Enter to refresh the screen. If you are using HTML5 client, pressing Enter will display the Clipboard window. Close the clipboard window if it opens while working in the labs.
Step 4
Windows PowerShell confirms the successful installation of the Active Directory Certificate Services and Certification Authority Web Enrollment features.
Keep Windows PowerShell window open.
Task 2 - Install AD Certificate Enterprise CA and CA Web Enrollment Service
In the earlier task, you simply added the AD Certificate Services and CA Web Enrollment features into Windows. It is essential that those two services be installed and configured with their respective system settings to make them capable of issuing certificates to requesting user, computer or service.
To install and configure AD Certificate Services and CA Web Enrollment, perform the following steps:
Step 1
In PLABDM01, Windows PowerShell is open.
To install AD Certification Authority as an Enterprise Root CA using default settings, type the following command:
Comments
Post a Comment