How to set up CA server on server 2012

本文详细介绍在Windows Server 2012环境下安装配置证书颁发机构(CA)服务器的过程,包括安装环境要求、步骤详解及常见问题解答,如禁用挑战密码等。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

1.      Installationenvironment

(1)   windows edition: windows server 2012 standard

(2)   System type: 64-bit Operating system, x64-basedprocessor

(3)   Processor: Intel(R) Xeon(R) CPU E5620 @2.40GHz2.39GHz

(4)   Installed memory(RAM): 8.00G

2.      installCA server

(1)     open the Server Manager->select Dashboard->clickAdd roles and features->next

(2)     select Role-based or feature-basedinstallation->next

(3)     select a server from the server pool->next

(4)     select Active Directory Services->next

(5)     select .Net Framework3.5 Features->next->next

(6)     select CertificationAuthority&&Certification Authority Web Enrollment->next

(7)     click Add features->Addfeatures->next->next

(8)     select Web server in roles services->next

(9)     click install

3.      configureCA server

(1)     click the yellow flag on the title->clickConfigure Active Directory Certificate Services

(2)     select Credentials -> next

(3)     select Certification Authority&& CertificationAuthority Web Enrollment ->next

(4)     select standalone-CA -> next

(5)     select root-CA -> next

(6)     select create new private key ->next

(7)     set the Key length->next

(8)     set CA-name ->next

(9)     set term of validity->next

(10)  setthe location of CA database ->next

(11)  selectWindows integrated authentication->next->next

(12)  clickconfigure

(13)  complete

(14)  visitthe URL “IP/certsrv/”, confirm installation success.

4.      installNDES(SECP)

the process is similar to CA server.

5.      FAQ

(1)   How to disable the challenge password?

1)     Click Start enter regedit in the search bar.

2)     Navigate to Computer > HKEY_LOCAL_MACHINE> SOFTWARE > Microsoft > Cryptography > MSCEP > EnforcePassword.

3)     Ensure that the EnforcePassword valueis set to 0 (the default value is 1).

(2)   How to set static challenge password?

1)     Ensure that the UseSingle Password valueis set to 0 (the default value is 1).

(3)   How to set the Valid date of CA Certificate?

1)   click the following registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CertSvc\Configuration\<CAName>

2)   In the right pane,double-click ValidityPeriod.

3)   In the Value data box,type one of the following, and then click OK:

4)   Days/Weeks/Months/Years

5)   In the right pane,double-click ValidityPeriodUnits.

6)   In the Value data box, type the numericvalue that you want, and then click OK. For example, type 2.

Restart CA server.
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值