It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Campus Barracuda Campus
Barracuda Web Security Gateway
Overview Documentation Training Certification Materials

How to Install AD CS on Windows Server

  • Last updated on

In your Windows Server, if Server Manager does not have AD CS installed, follow the steps below to install it before exporting a certificate for LDAPS.

  1. In Server Manager, click Manage, and then click Add Roles and Features. The Add Roles and Features Wizard opens. In Before You Begin, click Next.

    image-2024-4-11_14-19-42.png

  2. In Select Installation Type, ensure that Role-Based or feature-based installation is selected, and then click Next.

    image-2024-4-11_14-20-33.png

  3. In Select destination server, ensure that Select a server from the server pool is selected. In Server Pool, ensure that the local computer is selected. Click Next.

    image-2024-4-11_14-21-17.png

  4. In Select Server Roles, in Roles, select Active Directory Certificate Services. When you are prompted to add required features, click Add Features, and then click Next.

    image-2024-4-11_14-23-28.png


    image-2024-4-11_14-23-52.png


    image-2024-4-11_14-24-23.png

  5. Select features, then click Next. In Active Directory Certificate Services, read the provided information, and then click Next.

  6. In Confirm installation selections, click Install. Do not close the wizard during the installation process.

    image-2024-4-11_14-28-20.png


    image-2024-4-11_14-29-48.png

  7. When installation is complete, click Configure Active Directory Certificate Services on the destination server. The AD CS Configuration wizard opens. Read the credentials information and, if needed, provide the credentials for an account that is a member of the Enterprise Admins group. Click Next.

    image-2024-4-11_14-32-54.png 

  8. In Role Services, click Certification Authority, and then click Next. On the Setup Type page, verify that Enterprise CA is selected, and then click Next.

    image-2024-4-11_14-34-19.png

  9. On the Specify the type of the CA page, verify that Root CA is selected, and then click Next.

    image-2024-4-11_14-35-5.png

  10. On the Specify the type of the private key page, verify that Create a new private key is selected, and then click Next.

    image-2024-4-11_14-35-37.png

  11. On the Cryptography for CA page, keep the default settings.

    image-2024-4-11_14-36-15.png

  12. On the CA Name page, keep the suggested common name for the CA.

    image-2024-4-11_14-36-58.png

  13. On Validity Page, select the required validity and click Next.

    image-2024-4-11_14-37-42.png

  14. On the CA Database page, in Specify the database locations, specify the folder location for the certificate database and the certificate database log. If you specify locations other than the default locations, ensure that the folders are secured with access control lists (ACLs) that prevent unauthorized users or computers from accessing the CA database and log files. Click Next.

    image-2024-4-11_14-39-3.png


  15. Finally, click Configure in the confirmation page and click Close. AD CS is successfully installed.

    ad-cs-success-install.png

    ad-cs-success-install-result.png

Once AD CS is installed, follow the steps to Export a Root Certificate from Windows Server.