Update Workflows/Windows/Windows Server/Roles/Active Directory Certificate Services.md
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 7s
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 7s
This commit is contained in:
@ -18,6 +18,7 @@ This document outlines the Microsoft-recommended best practices for deploying a
|
||||
## Offline (Non-Domain-Joined) Root CA `LAB-CA-01`
|
||||
### Role Deployment
|
||||
This is the initial deployment of the root certificate authority, the settings here should be double and triple checked before proceeding through each step.
|
||||
|
||||
- Provision a **non-domain-joined** Windows Server
|
||||
- This is critical that this device is not domain-joined for security purposes
|
||||
- Navigate to "**Server Manager > Manage > Add Roles and Features**"
|
||||
@ -37,6 +38,7 @@ This is the initial deployment of the root certificate authority, the settings h
|
||||
|
||||
### Role Configuration
|
||||
We have a few things we need to configure within the CA to make it ready to handle certificate requests.
|
||||
|
||||
- Navigate to "**Server Manager > (Alert Flag) > Post-deployment Configuration: Active Directory Certificate Services**"
|
||||
- You will be prompted for an admin user, in this example, you will use the pre-populated `LAB-CA-01\Administrator`
|
||||
- Check the boxes for `Certification Authority` and `Certification Authority Web Enrollment` then click "**Next**"
|
||||
|
||||
Reference in New Issue
Block a user