1. Installing Certificate Services
You will only need to follow these steps if you do not have certificate services running in your domain. If you already have a certificate server in your domain then you can skip step 1.
Navigate to "Start -> Settings -> Control Panel -> Add/Remove Programs" and click "Add/Remove Windows Components" which will bring up a screen similar to the one shown below:
Check "Certificate Services" and click next. Click "Yes" on the confirmation dialog if the imposed restrictions are OK. On the next screen select the appropriate certificate authority type for your network. Please refer to the Windows Server documentation for more information. In our example we will be installing an "Enterprise Root CA" since it is the first CA server:
Please note that the following screenshots might look differently depending on the type of CA you select here (the screenshots shown are based on the "Enterprise root CA" selection). On the next screen enter the "CA Identifying Information". Make sure that you enter a good common CA name and a specify a validity period that is long enough:
After clicking Next confirm the following dialogs and click "Finish" to complete the setup of the CA.
