The difference between the enterprise and stand-alone CA CA
① enterprise CA: requirements domain environment, responsible for issuing certificates for users and computers in a domain; since the domain user during the login process has been authenticated, so when a domain user to the enterprise CA request a certificate, the certificate will be issued automatically, without administrator operating.
② independent CA: does not require a domain environment, you can think that the intranet users can also issue certificates for users on the Internet; Certificate must be operated by the administrator.
CA set up a separate server
1. Open the "Server Manager", click "Add Role"
2. Click "Next"
3, check the "Certificate Services" and click "Next"
4. Click "Next"
5. Check the "Certificate Authority web registration ", click on the Add roles Wizard" add the required role services "
6 click" Next "
7, select the" independent ", click" Next "
8, select the" root ", click" Next "( among them, the root CA is the most trusted CA level architecture, which is generally responsible for managing the entire CA system, under the sub-CA certificate issuance and management, rather than directly to the user to issue the certificate. the following root CA is called sub-levels CA, user-oriented jurisdictions responsible for issuing and managing certificates)
9, select "new private key", click "Next" and click "Next"
10, "Common name" can be modified, click "Next", click " Next ", click" Next ", click" Next "
11, according to their own needs to add features, click on the" Next "
12, click" install ", the installation is successful click the" close "
13, [start] in - Management Tools - Open the "Certification Authority", where you can manage the certificates of
14, with access to certificate the browser (## format:Host IP address / certsrv)
If this warning box appears when accessing, click "Add" button