Previously, you created certificate templates for the Entrust WSTEP Service (see Creating Windows certificate templates for the Entrust WSTEP Service). You must add all the certificate templates you created to the enrollment service.
To add certificate templates to the enrollment service
- Log in to the server hosting Active Directory.
- Open ADSI Edit. Select Start > Windows Administrative Tools > ADSI Edit.
The ADSI Edit dialog box appears. - In the tree view, expand ADSI Edit > Configuration > CN=Configuration,<suffix> > CN=Services > CN=Public Key Services > CN=Enrollment Services.
- Double-click the Active Directory CA enrollment service.
A Properties dialog box appears. - Click the Attribute Editor tab.
- Under Attributes, select certificateTemplates.
- Click Edit.
The Multi-valued String Editor dialog appears. In the Value to add field, paste the name of the certificate template. You must add at least the template with the WSTEPUser name.
The template name is the value of the template's common name (CN) value. You can get all certificate template names at ADSI Edit > Configuration > CN=Configuration,<suffix> > CN=Services > CN=Public Key Services > CN=Certificate Templates.
- Click Add.
- If required, add additional templates to the list.
- Click OK.