Install Microsoft Certificate Authority Roles
Install the Certificate Authority and Certificate Authority Web Enrollment roles on the Microsoft Certificate Authority server to facilitate certificate generation from SDDC Manager.
When connecting SDDC Manager to Microsoft Active Directory Certificate Services, ensure that Web Enrollment role is installed on the same machine where the Certificate Authority role is installed. SDDC Manager can't request and sign certificates automatically if the two roles (Certificate Authority and Web Enrollment roles) are installed on different machines.
- Log in to the Microsoft Certificate Authority server by using a Remote Desktop Protocol (RDP) client.FQDNActive Directory HostUserActive Directory administratorPasswordad_admin_password
- Add roles to Microsoft Certificate Authority server.
- Click , enterServerManager, and clickOK.
- From theDashboard, clickAdd roles and featuresto start theAdd Roles and Featureswizard.
- On theBefore you beginpage, clickNext.
- On theSelect installation typepage, clickNext.
- On theSelect destination serverpage, clickNext.
- On theSelect server rolespage, underActive Directory Certificate Services, selectCertification AuthorityandCertification Authority Web Enrollmentand clickNext.
- On theSelect featurespage, clickNext.
- On theConfirm installation selectionspage, clickInstall.