Install and Configure Certificate Authority in
Windows Server 2016
We will see below topics in this article
● Install Certificate Authority on Windows Server 2016
● Configuring Certificate Authority on Windows Server 2016
● Assigning Certificate on Exchange Server 2016
● Assigning on Test Machine to see Certificate authority is working for Outlook Web Access
Step 1:
You need to have this role installed to have a Certificate Authority
Preferred to be on Dedicated Server or on a Domain Controller.
Open Server Manager – Manage – Add Roles and Features
Step 2:
Choose : Active Directory Certificate Services
Choose Next
And Choose : Certification Authority Web Enrollment
�Choose :
● Certification Authority
● Certification Authority Web Enrollment
Choose Install and Close
Step 3:
To Configure Active Directory Certificate Services – Choose the Exclamation Mark on the Flag
Configure Active Directory Certificate Services on the Destination Server
�Choose Next
Choose
● Certificate Authority
● Certification Authority Web Enrollment
�Choose Enterprise CA
● Enterprise CAs Must be domain members and are typically online to issue certificates or certificate policies.
�Step 4:
Choose Root CA
Root CAs are the first and may be the only CAs Configured in a PKI Hierarchy.
�Step 5:
Create a new Private key
�Step 6:
● Use SHA256
● RSA#Microsoft Software Key Storage Provider
● Key Length – 2048
�Step 7:
Click Next
�Step 8:
By Default Certificate is valid for 5 years , Don’t make any changes on it , Click next
�Step 9:
Specify Certificate Authority Default Database Locations
�Click Configure
�Choose Configure
�We have successfully Installed and Configured – Certificate Authority on Windows Server 2016
