Encryption is an important part of VPN communications and it's the certificate server's job to provide the VPN server with a certificate that it can use to encrypt VPN sessions. In this step in the process of setting up a Vista VPN, we configure the infrastructure server to take on the role of a certificate server. If this were a real deployment, you would typically install this role on a separate server.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
To install the Active Directory Certificate Services, follow these steps:
- Log on as Administrator.
- Open the Server Manager.
Vista VPN setup guide, part 2 Learn how to configure Windows Vista workstations in part 2 of our Vista VPN setup guide.
- Click the Roles link.
- Click the Add Roles link.
- When the Add Roles Wizard launches, click Next to bypass the Welcome screen.
- Select the Active Directory Certificate Services check box and click Next.
- Click Next when you see the informational screen.
- On the following screen, choose the Certificate Authority and the Certificate Authority Web Enrollment check boxes and click Next.
- When Windows tells you that you must install IIS, click the Add Required Role Services button.
- Click Next.
- Verify that the Enterprise option is selected and click Next.
- Verify that the Root CA option is selected and click Next.
- Choose the option to create a new private key and click Next.
- When the wizard displays the Configure Cryptography for CA screen, click Next to accept the defaults.
- Set the Common Name to ContosoCA and click Next.
- Click Next to accept the default validity period of five years.
- Click Next to accept the default certificate database path.
- Click Next on the Introduction to Web Server (IIS) screen.
- Click Next to accept the default role services.
- Double-check the information shown on the confirmation screen and click the Install button.
- When the installation process completes, click Close.
- Reboot the server.
Vista VPN setup guide, part 1
Set up a domain controller
Install DHCP services
Install Active Directory Certificate Services
Request a machine certificate
Install the Routing and Remote Access Service role
Configure the VPN server
Publish the Certificate Revocation List
Make the CRL accessible
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as the CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer he has written for Microsoft, TechTarget, CNET, ZDNet, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at http://www.brienposey.com .