Setting Up Microsoft Active Directory Certificate Services

We can issue and manage PKI certificates by using Microsoft Active Directory Certificate Services. We can turn a server into a trusted authority for our domain. We can request and issue certificates from it, install them on our member servers.


Do not select additional features, click Next


Select Certification Authority role service


Installation Succeeded. Now we need to configure AD Certificate Services.


On Server Manager we can see there is exclamation mark stating that, Post deployment configuration is needed for ADCS. Click on it.






Select Enterprise CA. If it is grayed out, it means your server is not joined to a domain


Select Root CA


Select Create a new private key


Go with defaults and click Next


Do not change anything, go with defaults and hit Next


For the rest of the wizard just keep the defaults and click next and complete the wizard.


Click Close and complete the configuration.



  • Hits: 2594