MS Win 2008 Server - PKI installation
- Stine Granviken
This information is written in English only
Installation and configuration of CA, AD and CRL
This guide describes the steps for installing and configuring a Microsoft PKI infrastructure with its belongigs to support Buypass Access Manager - the LRA client.
The document is for technical personnel with knowledge of installing and configuring Windows Server 2008, Active Directory and understanding of basic PKI principles.
General requirements
Before installing the Microsoft CA, you need the following requirements:
- An established Microsoft Active Directory database
- Windows Server 2008 Enterprise media
- Windows Server 2008 Standard media
- Access to CA root server certificate
- Only applies to installing a issuing CA in an existing Microsoft PKI Infrastrucure
- Access to CRL list from Root CA
- Enterprise admin permission in the domain
- Access to a LRA client computer with 2 Smartcard readers
- Buypass Access Enteprise license
Hardware requirements
You need the following servers - the servers can be virtualized if wanted:
- Root CA: Microsoft Server 2008 Standard
- Issuing CA: Microsoft Server 2008 Enterprise
- CRL Server: Windows Server 2008 Web edition
Installation of Microsoft Active Directory
To install and configure a Microsoft PKI infrastructure you require a Microsoft Active Directory. This and the next sections will only cover an excample of installation and configuration made in Buypass TEST environment.
AD DS Lab environment
Domain: bplab01.local
Domain functional level: Windows Server 2008
DNS
DNS records will automatically be created at the server that joins the domain. Other DNS records for internal and external zones have to be created manually.
Buypass 2014 ©