
aSelect Start - Control Panel - Add or Remove Programs.
bSelect Add/Remove Windows Components.
cIn the Windows Components Wizard, select the Certificate Services check box.
dSelect Enterprise root CA as CA Type and click Next.
eEnter Common name for this CA, click Next, and click Finish.
2Enable SSL on each of your domain controllers by installing the SSL certificate for each controller.
a Click Start - Administrative Tools - Domain Security Policy.
b Expand the Public Key Policies folder,
c In the Automatic Certificate Request Setup Wizard, click Next and select Domain Controller.
3Click Next and click Finish.
A certificate/private key file can be created using openssl using Linux. Openssl can be downloaded from openssl.org. Any instructions below with text in <> is where a user would need to set a value based on the criteria at the end of that line.
To create a certificate to import:
1From the Linux command prompt, type openssl and hit Enter. The user should be at the OpenSSL prompt.
OpenSSL> genrsa
..........++++++++++++
.....++++++++++++
e is 65537 (0x10001)
OpenSSL> req
LDAP Feature for the Remote Console Switch