Deploying an Enterprise Root Certificate Authority in Windows Server 2019
In this blog post, we will learn the steps on how to install and configure an Enterprise Root Certificate Authority on Windows Server 2019.
An Enterprise Certificate Authority requires Active Directory and is typically used to issue certificates to users, computers, devices, and servers for an organization. Users can request certificates using manual enrollment, web enrollment, auto-enrollment, or an enrollment agent.
Step-1. Install Active Directory Certificate Services
As this is a virtual test lab, I have chosen to install the CA on to my Domain Controller rather than a dedicated server.
Domain Controller: WS2K19-DC01.mylab.local
2. In the Server Manager console, click on Manage and select Add roles and features.
Wait for few minutes to complete the installation.
Step-2 Configure Active Directory Certificate Services
15. On the Installation progress page, after installation is successful, click on Configure Active Directory Certificate Services on the destination server link.
Step-3 Verify AD CS installation and configuration
27. To confirm that the web enrollment page is working open a web browser and access the URL https://localhost/certsrv.