Installing and Configuring Windows Server 2003 Enterprise Certification Authority


Topic Last Modified: 2005-05-19

The first step in setting up your lab is to configure your computer running Windows Server 2003 Enterprise Edition to be an enterprise certification authority (CA). The CA is responsible for issuing digital certificates that provide S/MIME functionality. To configure your enterprise CA, you will need to:

  • Install and configure the Microsoft Active Directory® directory service.

  • Install and configure Certificate Services.

After you complete these steps, your Windows Server 2003 enterprise CA will be configured to issue digital certificates.

To ensure TCP/IP network connectivity for your lab, you will either have to configure static IP addresses for your test computers, or configure a server running Windows Server 2003 to be a Dynamic Host Configuration Protocol (DHCP) server. For more information, see Windows Server 2003 Help.

After you have completed a default installation of Windows Server 2003 Enterprise Edition, you will need to install and configure Active Directory, because Certificate Services enterprise CA requires an Active Directory environment to install and configure successfully.

You must use Windows Server 2003 Enterprise Edition for the system that will be your CA. Windows Server 2003 Standard Edition is not designed to be an enterprise CA.

For detailed steps, see How to Install Active Directory on Windows Server 2003

After you have successfully installed Active Directory you can now install and configure Certificate Services.

One capability of Certificate Services that you will want to use in your lab is the Web-based enrollment feature. This feature requires Internet Information Services (IIS) to function. Therefore, before installing Certificate Services, you must first install IIS. For detailed steps, see How to Install IIS on Windows Server 2003.

After you install IIS, you can now install Certificate Services. For detailed steps, see How to Install a Windows Server 2003 Enterprise CA.

After you have successfully configured your enterprise CA, you will be ready to issue digital certificates to users. The next step in building your lab environment is to configure Exchange 2003 to support S/MIME.


Community Additions