1. Start Microsoft Windows™ Server Manager and open its Dashboard.
2. Select Manage > Add Roles and Features.
3. Add both the required roles and features and include the management tools:
4. Select the Role Services to be configured:
5. Confirm the installation selections:
6. Click Install. Server Manager displays the installation progress:
7. Select the deployment operation by creating a new forest or adding to an existing forest, and specify the domain :
8. Server Manager displays configures the selections:
9. Specify the type of CA to setup:
10. Specify the type of CA:
11. Specify the type of private key:
12. Specify the cryptographic selections:
13. Specify the naming selections for the CA:
14. Specify the validity period. The recommended validity period of a CA certificate is 5 years:
15. Specify the locations of the certificate database and the log:
16. Confirm the selected Active Directory Certificate Services and, if correct, click Configure:
17. Select the role services to configure:
18. Specify the service account:
19. Input the information to enroll for a registration authority (RA) certificate:
20. Select cryptography settings for the RA:
21. Specify the CA for certificate enrollment web services:
22. Select an authentication type:
23. Specify the service account:
24. Confirm the roles, services and features, then click Configure:This completes the setup of ADCS.