Update Workflows/Windows/Windows Server/Roles/Active Directory Certificate Services/Deployment.md
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 7s
All checks were successful
GitOps Automatic Deployment / GitOps Automatic Deployment (push) Successful in 7s
This commit is contained in:
@ -41,11 +41,12 @@ This document outlines the Microsoft-recommended best practices for deploying a
|
||||
- Check the "**Standalone CA**" radio box then click "**Next**"
|
||||
- Check the "**Root CA** radio box then click "**Next**"
|
||||
- Check the "**Create a new private key**" radio box then click "**Next**"
|
||||
-
|
||||
- Click the dropdown menu for "**Select a crypotographic provider**" and ensure that "**RSA#Microsoft Software Key Storage Provider**" is selected
|
||||
- Set the key length to `4096`
|
||||
- Set the hash algorithm to SHA256
|
||||
|
||||
!!! warning "Raw Unprocessed Documentation - Do Not Use"
|
||||
Install AD CS role as a Standalone Root CA.
|
||||
3. Use RSA 4096-bit key, SHA-256, 10-year validity.
|
||||
3. 10-year validity.
|
||||
4. Configure AIA and CDP extensions with HTTP paths.
|
||||
5. Publish root cert and CRL to AD and internal HTTP.
|
||||
3. Online Subordinate CA Setup
|
||||
|
||||
Reference in New Issue
Block a user