Windows 2008 CA Setup

Here is my situation. My boss wants us to move towards two factor authentication for laptop users who use VPN to access the network. Currently, we have a Sonicwall SSL-VPN 2000 appliance which provides our VPN access. Our plan is to set up a simple Windows CA server and use smart cards which will authenticate with this CA and allow VPN access. Last week, I installed the CA role on a VM which is running Windows 2008 R2 SP1. However, I am having quite a time setting up the CA since this is my first rodeo dealing with certificates and CAs.

First question is where would I find the server.crt. I thought my public and private key pairs were created during the creation of the CA role, but I cannot find these keys or certificates. Secondly, what is the best way to set up a Windows CA? If I need to, I will uninstall the current CA role and start over.

Your thoughts and answers are appreciated. Thanks.
Who is Participating?
vahiidConnect With a Mentor Commented:
On your CA if you go to http(s):\\localhost\certsrv you will be able to download a CA certificate, certificate chain, or CRL if that is what you mean by server.crt.

If you're looking for best Practice recommendation: 2-tier CA hierarchy, take a look at this link here:

e_aravindConnect With a Mentor Commented:

On the CA servers, mmc --> certificates --> local sever --> Personal
You should see some certificates related to that CA

On the same certificates consoles --> other can find the root-certs for this CA.

Just uninstalling the "AD integrated CA" server is not sufficient
You need to clean-up the AD to remove the old stuffs @ the AD to get a cleaner setup.

Related Links:
How to decommission a Windows enterprise certification authority and how to remove all related objects from Windows Server 2003 and from Windows Server 2000

How to remove manually Enterprise Windows Certificate Authority from Windows 2000/2003 Domain
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.