- Start Microsoft Windows™ Server Manager and open its Dashboard.
- Select .
- Add both the required roles and features and include the management tools:
- Select the Role Services to be configured:
- Confirm the installation selections:
- Click Install. Server Manager displays the installation progress:
- Select the deployment operation by creating a new forest or adding to an existing forest, and specify the domain :
- Server Manager displays configures the selections:
- Specify the type of CA to setup:
- Specify the type of CA:
- Specify the type of private key:
- Specify the cryptographic selections:
- Specify the naming selections for the CA:
- Specify the validity period. The recommended validity period of a CA certificate is 5 years:
- Specify the locations of the certificate database and the log:
- Confirm the selected Active Directory Certificate Services and, if correct, click Configure:
- Select the role services to configure:
- Specify the service account:
- Input the information to enroll for a registration authority (RA) certificate:
- Select cryptography settings for the RA:
- Specify the CA for certificate enrollment web services:
- Select an authentication type:
- Specify the service account:
- Confirm the roles, services and features, then click Configure:This completes the setup of ADCS.