It is important to note that for certain features to function, such as federation,
you will be required to use a third-party CA server because other parties (outside your corporate
environment) need to authenticate communications with your OCS servers. Using a private
CA to perform this function is far more complicated and ultimately more expensive than
simply buying a certifi cate. However, I digress. At this point, we will walk through the steps
of confi guring a CA in Windows 2003. You can use just about any server within your environment
to run as a CA, but your best bet is to keep it off the OCS server itself. Let??™s walk through
the CA confi guration process:
1. Click on Start | Control Panel | Add/Remove Programs.
2. When the Add/Remove Programs window opens, select Add/Remove
Windows Components. Make sure you have either a Windows 2003 CD available,
or the i386 directory copied to a local (or network) drive.
3. In the Components window, check the box next to Certifi cate Services.
4. If you are prompted with a warning window, read through the warning and
click Yes.
5. In the Components window, click on the Application Server option, and
then click on the Details button.
6. In the Application Server details window, check the box next to Internet
Information Services and click OK (Figure 3.3).
7. Click Next to begin the installation.
8. In the CA Type window, you have a choice of multiple CA types. Click
Enterprise root CA, and click Next.
9. In the CA Identifying Information window, type the name of the server into
the box titled Common name for this CA: and click Next (Figure 3.
Pages:
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138