6. After checking the option Certificate Authority Web Enrolment, if IIS is not installed in the server,
another window Add Required Role Services window will appear.
7. On the above window, click on Add Required Role Services button and click Next to invoke Specify
Setup Type window.
8. In the above window depending on the requirement select either Enterprise or Standalone radio
button and click Next to open Specify CA Type window.
9. In Specify CA Type window, depending on the requirement select either Root CA or Subordinate CA
radio button and click Next to open Setup Private Key window.
10. In Setup Private Key window, depending on the requirement select either Create a new private key
or Use existing private key radio button and click Next to open Configure Cryptography for CA
11. In Configure Cryptography for CA window, depending on the requirement select the value for field
Select a cryptography service provider (CSP) from the combo box, provide the Key character
length from the combo box, select the value for field Select the Hash algorithm for signing
certificate issued by this CA and either check or uncheck Allow administrator interaction when the
private key is accessed by the CA check box and click Next button to open Configure CA Name
NOTE: Common name of the certificate should match with WDM server's computer name.
12. In Configure CA Name window, provide the values for Common name for this CA and
Distinguished name suffix fields and click Next to open Set Validity Period window.
13. In the Set Validity Period window, select the validity period for the certificate generated for this CA
and click Next to open Configure Certificate Database window.
14. In Configure Certificate Database window, select the Certificate database location and Certificate
database log location and click Next to open Add Roles Wizard window for IIS.
15. Select the default values and click Next-> Install.
16. It will install the Active Directory Certificate Services, Web Server (IIS) and Remote Server
17. Once the installation of certificate is over, go to the Internet Information Services Manager of the
18. In the Server Manager tree pane, expand Roles, and then click on Web Server (IIS)-> Internet
Information Services (IIS) Manager to open IIS Manager window.
19. In the tree pane select the Server and on the right pane double click on Server Certificates.
20. In the right pane of Server Certificates, double click on Create Domain Certificate... to begin
creating a certificate.
21. Fill in the information requested in the Create Certificate window and click Next to open Online
22. In Online Certification Authority, click select to Specify Online Certification Authority and provide
a Friendly Name for the same and click Finish.
23. Now the installation of certificate in domain controller server is done, go to the installation of
certificate on WDM server.
Installing the Certificate on the WDM Server
Use the following guidelines:
1. On the taskbar, click Start->Administrative Tools->Internet Information Services (IIS) Manager to
open the IIS Manager window.
2. In the tree pane, click on the Server and on the right pane double click on Server Certificates to
open Server Certificates Window.
3. Fill in the information requested in the Create Certificate window and click Next to open Online