Previous
On the [Start] menu, point to [Administrative Tools], and then click [Server Manager].
Click [Roles] in the left column, click [Add Roles] from the [Action] menu.
Click [Next>].
Select the "Web Server (IIS)" and "Active Directory Certificate Services" check boxes, and then click [Next>].
If a confirmation message appears, click [Add Features].
Read the content information, and then click [Next>].
Check that [Certification Authority] is selected, and then click [Next>].
Select [Enterprise], and then click [Next>].
Select [Root CA], and then click [Next>].
Select [Create a new private key], and then click [Next>].
Select a cryptographic service provider, key length, and hash algorithm to create a new private key, and then click [Next>].
In "Common name for this CA:", enter the Certificate Authority name, and then click [Next>].
Select the validity period, and then click [Next>].
Set the "Certificate database location:" and the "Certificate database log location:" settings to their defaults, and then click [Next>].
Read the notes, and then click [Next>].
Select the role service you want to use, and then click [Next>].
Click [Install].
When the installation is complete, click [Close].
Close [Server Manager].
