Score:0

Domain Certificate Authority Role On None Domain Controller

cn flag

I am setting up a new domain and I need to setup a Root CA and a Certificate Authority to hand out certificates to domain computers as well as to handle certificate actions and secure communications. I have installed it onto a Member Server for my Server 2019 domain separate from any of my Domain Controllers as I understand that is not a best practice. But when I go to pull new certificates on my Domain Controller or my Domain Computers they can't find any valid templates. What might I be missing? I feel like the CA server is not tied to the Domain in some way. I am trying to find some documentation but having a hard time finding the correct verbiage. Can this be done as a member server as the CA server and not a DC?

Score:0
cn flag

So the answer is yes it can be used by another role. Also using PowerShell Command can be used to issue certificates and use of other templates are possible as long as you check the Security tab of the template to set who can enroll and who can't.

I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.