Skip to main content

Setup Overview

In this section, we will add the previously created example AD CS role to the Subordinate Certificate Authority (CA) Server, which must be a member of the domain. Please adhere to the followin prerequisites as they are required for this section:

caution

The following setup procedure is shown as an example and provides a mainly based straightforward integration process. Please take notice that there may be other ways to configure and setup Microsoft AD CS.
Before moving forward with the example setup, please read through the Prerequisites and the Installing CNG Provider sections as they are required for further steps.

The following table lists the details used for this setup according the figure shown in section Installation:

VM/Name/DomainRole(s)OS TypeIP Address/MaskHSM Partition
Demo-CAR (workgroup)Standalone Offline Root CA AD CSWindows Server 2016Offline (10.250.100.20/24)DEMO-CAR
Demo-DC01.hsmtest.demoDomain Controller AD, DNS, LDAP, CDP/AIAWindows Server 201610.250.100.10/24DEMO -DC01
Demo-CAS.hsmdemo.testEnterprise Subordinate CA AD CSWindows Server 201610.250.100.25/24DEMO -CAS
Demo-IIS.hsmdemo.testIIS Web ServerWindows Server 201610.250.100.30/24DEMO -IIS
HSM Primus X 18376142 V2.8.43, DNS: hsm142.hsmdemo.testHSM Internal---10.250.100.100/24 CNG Provider: Port 2320---