Windows Certification Authority

You can request user certificates from a Certificate Authority (CA) located in your Active Directory.

Requirements

• The operating system of the computer of the Intranet Role is Windows 2012 R2 or later.
• Ihre Intranetrolle ist in einem Active Directory installiert.
• An Enterprise CA is installed in your Active Directory.
• Suitable certificate templates are released on the Enterprise CA.

Useable certificate templates require the following properties:

• The keys are issued without user interaction.
• The S/MIME certificate extensions are supported.
• The name of the applicant is transferred to the template.
• The export of the private key is allowed.
• The certificate can be used to protect emails.

1. Go to Identities > Key enrolment > Key enrolment providers.
2. Click Add.
3. Select Windows Certificate Authority.
   
4. Enter a unique provider name.
5. Select one of your certification authorities.
   After selection, all released certificate templates for this location are displayed.
6. Select a template.
   

   NOTE: The template must meet the properties listed above in order to be used. If properties are missing, notes are displayed below the selection list. After selecting the certificate template, the key size slider is set to the allowed values of the certificate template.

7. Enter the country code in the form of an ISO 3166-1-compliant alpha-2 code.
   

   NOTE: Below the input field, you can enter the corresponding alpha-2 abbreviation in the input field by selecting the country name.

8. Click Next and then Finish.