The CA we are going to build is aimed solely at IT shops that need a CA but don't want to roll out an enterprise wide CA. Having an enterprise CA tied to Windows Active Directory is quite handy and Microsoft makes it pretty easy to install and manage. If your organization doesn't have a CA or you want one that you can manage yourself, follow along. Microsoft also has extensive documentation if you want to dig in deeper.
If you want to install a CA tied to Active Directory, stop reading this and go read Microsoft's documentation. You'll thank me later.
Note that I did skip simple steps like clicking next or taking the defaults. When in doubt, just click next. What can go wrong?
On Windows Server 2003 (I don't imagine this is any different in Windows Server 2008), go to Add/Remove programs->Add/Remove Windows Components and select Certificate Services. Select a stand-alone root CA. That will give you a CA independent of Active Directory.
Mike Fratto is a principal analyst at Current Analysis, covering the Enterprise Networking and Data Center Technology markets. Prior to that, Mike was with UBM Tech for 15 years, and served as editor of Network Computing. He was also lead analyst for InformationWeek Analytics ... View Full Bio