This is
fine for our purposes, but when you??™re installing AD Certificate Services, you
should consider how long a certificate should be for your environment. Leave
it set at 5 years for now, and then click Next (Figure 12-4).
12. Set the Certificate Database Location and Certificate Database Log Location.
By default, both are located in %WINDIR%\System32\CertLog (Figure 12-5).
Click Next.
13. Click Next on the Introduction to Web Server (IIS) screen.
Figure 12-3. Configuring the common name and distinguished name suffix
413 Chapter 12: Enterprise Public Key Infrastructure
14. Click Next on the Role Services screen.
15. Confirm the Installation Options and click Install to continue. Click Close when
the installation completes.
CERTIFICATION AUTHORITY MANAGEMENT CONSOLE
You manage your CA by using the Certification Authority MMC snap-in located in the
Administrator Tools Start menu item. When you expand your CA server in the management
console, you will see five folders that help you manage templates, requests, and
certificates, as shown in Figure 12-6. The Revoked Certificates and Issued Certificates
Figure 12-4. Setting the validity period
414 Microsoft Windows Server 2008 Administration
folders contain revoked and issued certificates by the server. The Pending Requests folder
contains any certificate requests that require manual approval (typically used when
the server is configured as a Stand-alone CA).
Pages:
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449