Planning your PKI
Since we are revolving all of our discussion in this book around Windows Server 2016, this certainly means that your CA server can and should be one provided by this latest and greatest of operating systems. As with most capabilities in Server 2016, the creation of a certification authority server in your network is as simple as installing a Windows role. When you go to add the role to a new server, it is the very first role in the list called Active Directory Certificate Services (AD CS). When installing this role, you will be presented with a couple of important options and you must understand the meaning behind these options before you create a solid PKI environment.
Enterprise versus standalone
When configuring your CA role ...
Get Mastering Windows Server 2016 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.