Home > General Administration > Other Topics > Deploying a Stand-alone Root CA on Microsoft Server 2003

Deploying a Stand-alone Root CA on Microsoft Server 2003

Table of contents
No headers

Certificate services is a component on Microsoft Windows Server that is necessary for integrating when using a customer hosted Active Directory or RADIUS/8021x server. Installing certificate services enables you to deploy a root certificate authority which can then be used to issue certificates that encrypt data such as authentication credentials. This guide takes you through how to deploy a Stand-alone root CA which is different than an Enterprise CA in that there is no ability to create templates or configure auto-enrollment. 


(Figure 1)

The first step to obtaining a digital certificate is to install Certificate Services on the server. To do this go to Start -> Control Panel -> Add or Remove Programs. From here select Add/Remove Windows Components on the left hand side of the menu as shown in Figure 1. Check the box next to Certificate Services, a warning box will pop up informing you to not change the machine name or domain membership of the server as this may invalidate the certificate and cause authentications to fail as shown in Figure 2. Select Yes and click Next > to proceed to the next screen.


(Figure 2)


(Figure 3)

On the next screen select Stand-alone root CA as the CA type as shown in Figure 3 and click the Next > to continue.


(Figure 4)

In the next step you will be asked to specify the Common name or machine name of the server you are currently installing a root CA for as shown in Figure 4. You can also specify the Validity period for the certificate authority you are currently configuring. Click Next > to continue.


(Figure 5)

The next screen asks you to specify the folder name for the Certificate database where the certificates will be stored as well as where the certificate logs will be kept as shown in Figure 5. Click Next > to continue. The server will install the certificate services component and will prompt you to either insert the Windows Server 2003 CD-ROM or ask you to Browse... to the local i386 folder. Click the Finish button to complete the installation successfully.

Last modified



This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 1811

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community