CA server set up

For the user, in practical application is mainly achieved through a variety of security technology certificate, the certificate to be issued by the authority of the certification authority CA.
1, find the "role" in the "Server Manager", and then add the role of

2, the other is the default
3, in addition to the default certificate authority, but also need to install the "Certificate Authority web registration" component and open interface click the "Add role services required 'button to install iis role, so that the user can use the browser to request a certificate

4, CA independent installation type selection, if on a domain controller to set up the CA select enterprises and enterprises issuing root CA certificate the object is limited to domain user

5, CA type selection "root CA"

6, select "new private key" set "private" in this for the CA's private key, the private key CA must have before they can issue certificates

7, the default method is created using a private key encryption algorithm is RSA, key length 2048, uses a hashing algorithm SHA1

8, CA name default value

9, CA default period of five years

10, the location of the certificate database storage the default value is

11, web server select role services in the default value
12, confirm to begin the installation correct and
after 13 to complete the installation, authority through the "management tool" in the "certificate "To manage CA

14, open the browser and enter the url ie after restart" HTTP: // ip / certsrv ", to open the certificate request page