Before you can generate and install certificates, you must configure a certificate authority (CA).

Cloud Foundation supports only the Microsoft CA.

Prerequisites

  • Verify that you have created a Microsoft Active Directory certificate service (.certsrv) template in an IIS container on a CA address server.
  • Verify that the certificate service template is properly configured for basic authentication.

To create the certificate service template with the proper authentication configuration, see Prepare the Certificate Service Template.

Note: If the CA Web server and CA are on different machines, you must perform the steps mentioned in https://blogs.technet.microsoft.com/askds/2009/04/22/how-to-configure-the-windows-server-2008-ca-web-enrollment-proxy/ in addition to the following steps.

Procedure

  1. Navigate to Administration > Security > Certificate Management to open the Configure Certificate Authority page.
  2. Click Edit and complete the following configuration settings.
    Option Description
    Certificate Authority Select the CA from the drop-down menu. The default is Microsoft.
    CA Server URL Specify the URL for the CA address server. This address must begin with https:// and end with certsrv, for example https://www.mymicrosoftca.com/certsrv
    Username Provide a valid user name to enable access to the address server.
    Password Provide a valid password to enable access to the address server.
    Template Name Enter the certsrv template name. You must create this template in Microsoft Certificate Authority.
  3. Click Save.
    A dialog box appears, asking you to review and confirm the CA server certificate details.
  4. Click Accept to complete the configuration.

Results

The Microsoft CA is now available for use in generating and installing a certificate.