How to Install, Configure, and Test Certificate Services in a Windows Server 2012 R2 Domain
Part 1 of 5:
Reviewing the Configuration
- Review network configuration.
- Verify IP address, subnet mask, Preferred DNS, and name of the Windows Server 2012 R2 computer: 172.16.150.10, 255.255.255.0, 172.16.150.10, w12r2a10
- Verify IP address, subnet mask, Preferred DNS, and name of the Windows 7 computer: 172.16.150.15, 255.255.255.0, 172.16.150.10, w715.
- Review domain configuration.
- Verify the Windows Server 2012 R2 named w12r2a10, is configured to host the domain kim.com, Passworda10.
- Verify the Windows 7 client, named w7a15, is configured as a kim.com domain member.
- Verify that you have created a domain user named raja.
Part 2 of 5:
Installing, Configuring, and Verifying AD Certificate Services
- Install Active Directory Certificate Services.
- Use the default settings on the machine named w12r2a10, which is hosting domain kim.com.
- Keep the Installation progress window open.
- Configure active directory certificate services.
- Click Configure Active Directory Certificate Services on the destination server when the blue installation progress bar is 100%; this action displays the Credentials window.
- Click Next to display Role Services.
- Click the checkbox next to Certification Authority and click Next.
- Click Next several more times to accept all defaults and display Confirmation.
- Click Configure to display results and verify there is a green circle with a white check mark, and click Close twice.
- Verify Active Directory Certificate Services.
- Open Administrative Tools and double click Certification Authority.
- Expand kim-W12R2A10-CA and click Issued Certificates.
- Right click the white area and click Refresh, if it is empty.
- Reboot the domain controller, if it is still empty after a few refreshes.
- Display Issued Certificates after reboot and scroll the right pane, to review it.
- Notice that w12r2a10.kim.com is listed under Issued Common Name.
Part 3 of 5:
Installing and Browsing Web Server (IIS)
- Install Web server (IIS).
- Configure the default settings, while installing IIS on the machine named w12r2a10, which is hosting domain kim.com.
- Keep the Installation progress windows open.
- Click Close when the blue installation progress bar is 100%.
- Browse Web server (IIS).
- Go to Administrative Tools.
- Double click Internet Information Services Manager.
- Expand w12r2a10 (KIM...) and expand sites.
- Click Default Web Site and then click Bindings under Actions.
- Click Add.
- Click the dropdown menu under Type and select https.
- Click the dropdown under SSL certificate, where you will see the certificates for the certification server, kim-w12r2a01-CA, and the Domain (Web server), w12r2a10.kim.com.
- Click Cancel followed by Close.
Part 4 of 5:
Displaying Domain Member Certificate Configuration
- View certificate on domain member.
- Log on to the domain from w7a15 as user raja. Configure IE to point to your homepage, http://w12r2a10.kim.com.
- Terminate and restart IE to display your homepage.
- Go to IE, Tools, Internet Options, Content, Certificates and click all tabs to view their listings.
- Notice that Intermediate Certification Authorities and Trusted Root Certification Authorities have an entry for Certification Authority server, kim-w12r2a10-CA.
- Notice that Personal is empty; why? Because domain user raja has not requested one.
- Go to IE, Tools, Internet Options, Content, Publishers and click all tabs.
- Notice that Intermediate Certification Authorities and Trusted Root Certification Authorities have an entry for Certification Authority server, kim-w12r2a10-CA.
- Notice that this Personal is also empty.
- Why is a certificate entry in Trusted Root Certification Authorities has an entry, kim-w12r2a01-CA, important? It means that the server is trusted by the member client; specifically, the client can display the https page if the Web server is configured to serve it.
- Display your homepage on w7a15 using https.
- Note that even though the server and client have certificates, https does not work.
- Observe that the reason it does not work is because port 443 is not configured.
Part 5 of 5:
Applying and Verifying Secure Socket Layer (SSL)
- Configure SSL.
- Go to Administrative Tools on the domain controller.
- Double click Internet Information Services Manager and expand w12r2a10 (KIM...)
- Expand sites.
- Click no, if you are prompted about Microsoft Web Platform.
- Click Default Web Site and click Bindings under Actions.
- Click Add.
- Click the dropdown menu under Type and select https.
- Click the dropdown menu under SSL certificate, where you will see the certificate for the certificate server, kim-w12r2a10-CA, and the Domain (Web server), w12r2a10.kim.com.
- Click OK. .
- Notice that https is now listed in Site Bindings.
- Click Close.
- Note that the server is now configured for https access
- Verify SSL.
- Logon to the domain from w7a15 as user raja.
- Display your homepage on w7a15 using https.
- Note that it works, since the server is configured to server https pages.
- Note also that, even though raja does not have a certificate, the https page displayed, because of these reasons.
- w7a15, which raja is using, has a certificate issued by the enterprise CA.
- kim-w12r2a01-CA; specifically, there is now a trust between the domain controller and w7a15
- SSL is configured, but it is not being enforced
4 ★ | 1 Vote
You should read it
- How to Configure CAWE in a Windows Server 2012 R2 Domain
- The best top 10 Public DNS Server you should know now
- Fix the problem when removing Windows Server 2008 Server Core from the domain
- Install Windows Server 2003 and create a backup server
- Learn about .io domain names
- How to join the domain in Windows 7
- How to Fix DNS Server Not Responding Problem
- Deploy Domain System On Windows Server 2003 Active Directory
May be interested
- Install DNS server and Domain Controller in Windows Server 2003dns configuration is similar to installing it, which means you don't need to be too bothered or ask any administrator to help you do that, because you can do this yourself.
- Install and configure Windows Server 2008 DHCP Serverbefore you can use advanced dhcp services, you need to install and configure some basic issues. that is the content we will introduce in the article.
- Instructions for creating a Domain Controller - DC on Windows Server 2012in the tutorial article below, tipsmake.com will introduce you how to create domain controller - dc on microsoft windows server 2012 platform. the installation of windows server, we please ignore because it is quite simple, the graphical interface is already available, you just need to click next> next> finish to be ...
- Install Windows Server 2003 and create a backup servernetwork management documentation server 2003 as details of how to install, create a companion server in case the main server is malfunctioning, create a domain, join the client to the domain, the conection {remote desktop from the client data to server}, set adsl router parameters to server, turn off 1 working machine immediately.
- How to install DNS Server on Windows Server 2019from microsoft, the domain name system (dns) is one of the industry standard protocol sets that includes tcp / ip, along with dns client and dns server that provide name resolution services that map names to the ip addresses of computers. .
- Deploying IPsec Server and Domain Isolation with Windows Server 2008 Group Policy - Part 2in this part 2, we'll move on to the second step, which is the step to install and configure the network policy server, the health registration authority and the subordinate ca.
- Deploy Domain System On Windows Server 2003 Active Directorywindows server 2003 is the most complete network operating system available today, we can use windows server 2003 to deploy user and resource management domain systems for a company or build powerful web servers, organize file server to store data, provide services for users ...
- Install Role, configure role on Windows Server 2012like previous versions, windows server 2012 has many associated roles. roles and features are tools you need to install or enable to complete your it administration tasks, if you don't install them, you can't do anything. in this article, we will learn how to install and configure the most important roles.
- How to install and use IIS on Windows Server 2019according to microsoft, web server (iis) in windows server 2019 provides a secure, easy to manage, modular, and scalable platform for reliably hosting websites, services, and applications. .
- How to install and configure backups in Windows Server 2012in this article, we will learn how to install and configure backups, which are not too different from previous versions.