For the last few weeks, we’ve been looking at digital certificates and the Public Key Infrastructure (PKI) that makes them work. Last week, we looked at some design considerations for a Microsoft AD Certificate Services PKI. If you’ve decided to go ahead and set up your own in-house PKI, then this article will help you get started!
This week we will cover setting up the offline root CA. Then next week we’ll finish up with configuring an issuing CA and making sure that the certs and CRL are published so that your clients can use them.