Integration with CipherTrust Manager
To integrate Microsoft Active Directory Certificate Services with the CipherTrust Manager, you need to configure SafeNetProtectApp Key Storage Provider with AD CS. To do so:
Open Server Manager > Manage > Add Roles and Features.
On the Server Roles screen, select the Active Directory Certificate Services, and click Add Features on the popup that appears.
On the Features screen, click Next.
On the AD CS screen, click Next.
On the Role Services screen, enable the Certification Authority and Certification Authority Web Enrollment, and click Next.
On the Confirmation screen, click Install.
Note
For an enterprise CA, you need to be part of a domain or AD DS must be configured on the same.
After installation completes, click the text highlighted in blue "Configure Active Directory Certificate Services on the destination server".
Click Next.
On the Role Services screen, enable Certification Authority and Certification Authority Web Enrollment. Click Next.
On the Setup Type screen, select Enterprise CA, and click Next.
On the CA Type screen, select Root CA, and click Next.
On the Private Key screen, select Create a new private key, and click Next.
From the Select a cryptographic provider drop-down, select SafenetProtectApp Key Storage Provider, and click Next.
Specify the CA name as per your requirement, and click Next.
Specify the CA validity period, and click Next.
Note
By default, the validity period of a root CA is 5 years.
On the Certificate Database screen, click Next.
On the Confirmation screen, click Configure.
This completes the integration of Microsoft Active Directory Certificate Services with the CipherTrust Manager.