1. Start Microsoft Windows™ Server Manager and open its Dashboard.
  2. Select Manage > Add Roles and Features.
  3. Add both the required roles and features and include the management tools:
  4. Select the Role Services to be configured:
  5. Confirm the installation selections:
  6. Click Install. Server Manager displays the installation progress:
  7. Select the deployment operation by creating a new forest or adding to an existing forest, and specify the domain :
  8. Server Manager displays configures the selections:
  9. Specify the type of CA to setup:
  10. Specify the type of CA:
  11. Specify the type of private key:
  12. Specify the cryptographic selections:
  13. Specify the naming selections for the CA:
  14. Specify the validity period. The recommended validity period of a CA certificate is 5 years:
  15. Specify the locations of the certificate database and the log:
  16. Confirm the selected Active Directory Certificate Services and, if correct, click Configure:
  17. Select the role services to configure:
  18. Specify the service account:
  19. Input the information to enroll for a registration authority (RA) certificate:
  20. Select cryptography settings for the RA:
  21. Specify the CA for certificate enrollment web services:
  22. Select an authentication type:
  23. Specify the service account:
  24. Confirm the roles, services and features, then click Configure:This completes the setup of ADCS.