![]() Open Server Manager and choose Add roles and features, and click Next. If a Certification Authority already exists in your environment, skip this section and proceed to YubiKey Minidriver Installation. For more information, see the Microsoft documentation: Creating a Certification Authority As an additional security measure, consider installing the Root CA on a standalone offline server, and use a Subordinate CA for all certificate signing. Microsoft recommends that you do not deploy a Root Certification Authority (CA) on a Domain Controller. ![]() For information about implementing advanced configurations, see this Microsoft Technet article ( (v=ws.10).aspx).īefore you create a Certification Authority (CA), be sure you set up a Microsoft Windows Active Directory domain environment. These instructions include steps for a basic configuration. IMPORTANT: The installation should be performed by an experienced system administrator. NOTE: If a Certification Authority already exists in your environment, skip this chapter and proceed to YubiKey Minidriver Installation. These steps assume an Active Directory environment is already stood up and configured. This chapter covers the basic configuration for setting up a new Certification Authority (CA) to a Windows Server (2016 and above). In order to utilize the Smart Card functions in a Windows environment using the YubiKey Minidriver, a Certification Authority (CA) must first be stood up. Protecting Microsoft Cloud Environment with a YubiKeyĬonfiguring a Certification Authority (CA) for Smart Card Authentication.Adding an Enterprise Root Certificate to the YubiKey.Working with Enterprise Root Certificates.Modifying the Windows Registry to Delay the Smart Card Removal Policy Service. ![]()
0 Comments
Leave a Reply. |