Installing Enterprise CA for Active Directory Federation Services

This article covers installing an Enterprise CA for Active Directory Federation Services.

Installing certificate services

Click Next

Select Role Based

Select the server

Select Active Directory Certificate Service.

Add Features

Click Next

Next

Next

Choose Certification Authority

Click Install

Installation Complete. Click Close.

Configure the Service. Click on “Configure Active Directory Certificate Services”.

Specify Credentials

Next, Select Certification Authority.

Select Enterprise CA.

Select Root CA.

Create new private key.

Next

Next

Next

Configure

Configuration Succeeded!

Now click Close. Then, in Server Manager, click “Tools” > “Certification Authority”.

Expand the arrow in the left navigation pane.

Create a new Certificate Template. Right click on Certificate Templates and click Manage.

To create a new template, it is best to duplicate an existing one and then configure the copy. Scroll down to “Web Server”, right click it and click “Duplicate Template”.

This displays the properties for the template. Click on the General tab.

Rename the template to “ADFS SSL Certificate”.

Now click the “Subject Name” tab. Select “Build from this Active Directory information”. Select “Common name” from the drop-down list. Tick “DNS name” and untick “User principal name (UPN)”.

Now we need to add the server. Select the Security tab. Click Add.

Object Types.

Click on “Computers”. Click Ok.

Now type in the computer name and click “Check Names”. The name is now underlined. Click “OK”.

On this screen, click “Enroll”.

Click OK. Close the Certificate Template Console.

Now right click “Certificate Templates”, go to “New” and click “Certificate Template to Issue”.

Select the template that we created earlier.

The template is now listed.

That’s it. Now we can install ADFS.
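The template settings chosen above can be checked from PowerShell before ADFS is installed. This is an added example, not part of the original article: it assumes the ActiveDirectory (RSAT) module is available and that the template kept the display name “ADFS SSL Certificate”, and it reads the template object from the forest's Configuration partition.

```powershell
# Added example: audit the template created in this walkthrough.
# Assumes the ActiveDirectory module (RSAT) and the display name from the General tab.
Import-Module ActiveDirectory

$displayName = 'ADFS SSL Certificate'

# msPKI-Certificate-Name-Flag bits, as defined in MS-CRTD
$ENROLLEE_SUPPLIES_SUBJECT   = 0x00000001   # "Supply in the request"
$SUBJECT_ALT_REQUIRE_UPN     = 0x02000000   # "User principal name (UPN)"
$SUBJECT_ALT_REQUIRE_DNS     = 0x08000000   # "DNS name"
$SUBJECT_REQUIRE_COMMON_NAME = 0x40000000   # Subject format "Common name"

# Extended right that the "Enroll" checkbox on the Security tab grants
$enrollGuid = [guid]'0e10c968-78fb-11d2-90d4-00c04f79dc55'

$configNC = (Get-ADRootDSE).configurationNamingContext
$base     = "CN=Certificate Templates,CN=Public Key Services,CN=Services,$configNC"

$tpl = Get-ADObject -SearchBase $base -Filter "displayName -eq '$displayName'" `
        -Properties 'msPKI-Certificate-Name-Flag', nTSecurityDescriptor
if (-not $tpl) { throw "Template '$displayName' not found under $base" }

$flags = $tpl.'msPKI-Certificate-Name-Flag'

# Each check mirrors one choice made on the Subject Name tab
$checks = [ordered]@{
    'Subject built from AD, not supplied in request' = (-not ($flags -band $ENROLLEE_SUPPLIES_SUBJECT))
    'Common name used as subject'                    = [bool]($flags -band $SUBJECT_REQUIRE_COMMON_NAME)
    'DNS name included in SAN'                       = [bool]($flags -band $SUBJECT_ALT_REQUIRE_DNS)
    'UPN not included in SAN'                        = (-not ($flags -band $SUBJECT_ALT_REQUIRE_UPN))
}
foreach ($c in $checks.GetEnumerator()) {
    $state = if ($c.Value) { 'OK' } else { 'REVIEW' }
    '{0,-48} {1}' -f $c.Key, $state
}

# Principals holding an explicit Enroll ACE. Accounts with full control over the
# template can also enroll and are not listed by this filter.
''
'Principals with Enroll on the template:'
$tpl.nTSecurityDescriptor.Access |
    Where-Object { $_.AccessControlType -eq 'Allow' -and $_.ObjectType -eq $enrollGuid } |
    Select-Object -ExpandProperty IdentityReference |
    Sort-Object -Unique
```

The Enroll list should contain the ADFS server's computer account alongside the administrative groups inherited from the “Web Server” template; any broader group there, or a REVIEW on the first check, means the template can be used more widely than this walkthrough intends.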