Preparing the CA Cluster Environment
Applies To: Windows Server 2008
This section describes how to prepare your network environment to support an Active Directory® Certificate Services (AD CS) cluster. The preparation steps include:
Install the operating system on the cluster nodes. To prepare the cluster nodes, you must install Windows Server® 2008 Enterprise on each server hosting a cluster node.
Set up shared storage. To set up a shared storage disk for AD CS, see the configuration procedures that apply for your shared storage solution. Configuring shared storage can be a complex task. This white paper does not provide detailed information about how to configure the shared storage. For more information, see Failover Clusters (https://go.microsoft.com/fwlink/?LinkId=119291).
Note
Plan the size of the shared storage depending on the number of certificates you are enrolling for and the amount of certificate data you need to store. For a single certificate, 64 KB should be sufficient, which includes the certificate request and, if being used, a recover key.
- Configure the network hardware security module (HSM). The configuration of a network HSM is specific to the configuration guidelines of the HSM vendor. Because no common setup procedure exists, it is not included in this white paper. To make the network HSM available to your CA cluster, you will need to follow the steps in the documentation provided by the network HSM vendor.