As illustrated by the following figure , CA Gateway manages each Microsoft CA instance through an Entrust Proxy for Microsoft CA.
In this architecture, CA Gateway is a client of Microsoft CA. See in the following sections how to configure the Entrust Proxy for Microsoft CA and CA Gateway to manage Microsoft CAs.
- Adding Microsoft Management Console snap-ins
- Creating a client authentication template for Microsoft CA
- Creating the CA Enrollment Agents
- Creating the RA recovery agents
- Creating RA enrollment agent credentials
- Enabling supply in the request
- Configuring Request Handling in the Microsoft CA
- Enabling SAN attributes in the enrollment request
- Installing the Entrust Proxy for Microsoft CA
- Issuing the SSL certificates
- Generating a client keystore for CA Gateway
- Generating a truststore for CA Gateway
- Generating the server keystore of the Entrust Proxy for Microsoft CA
- Running the Entrust Proxy for Microsoft CA
Only Microsoft Enterprise CA is supported; standalone CA is not supported.