Installing Certificate Services and IAS on Windows Server 2003

  • Article

To enable TESTSERVER to issue certificates and function as a CA, you first need to install Microsoft® Certificate Services. Microsoft Certificate Services provide an integrated public key infrastructure (PKI) that enables the secure exchange of information across a network.

To install and configure Certificate Services

  1. Open Add or Remove Programs from Control Panel.

  2. Choose Add/Remove Windows Components.

    The Windows Components Wizard appears.

  3. In the Components box, select Certificate Services. You will be presented with the After installing Certificate Services, the computer cannot be renamed and the computer cannot join or be removed from a domain. Do you want to continue? message. Choose Yes.

  4. In the Components box, highlight Networking Services, and then choose Details.

    The Networking Services dialog box will appear.

  5. Choose Internet Authentication Service, choose OK, and then choose Next.

  6. On the CA Type page, choose Enterprise root CA, and then choose Next.

  7. On the CA Identifying Information page, in the Common name for this CA box, type the name for the certificate, and then choose Next. For example, you can type Testserver CA as the name of the CA.

  8. On the Certificate Database Settings page, leave the default values, and then choose Next. If Internet Information Services is running, a message prompts you to stop the service. To stop IIS, choose Yes.

  9. While the Windows Component Wizard is installing Microsoft Certificate Services, a message will appear notifying you that Active Server Pages must be enabled to provide Web enrollment services. To enable ASP, choose Yes

  10. Choose Finish to close the Windows Components Wizard.

  11. To verify that you have successfully configured your server as a CA with Web enrollment support, launch the Web browser on TESTSERVER and type the following address in the address bar:

    http://<Server Name>/certsrv

    For example, because TESTSERVER is the name of your domain controller, type the following in the address bar:

    http://TESTSERVER/certsrv

    The Microsoft Certificates Services Welcome page will appear in the browser window.

    Note   Unlike Windows desktop-based wireless clients, Windows CE does not support automatic certificate allocation.

See Also

How to Set Up a Wireless Network with a Security Infrastructure

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.