You must configure all Windows domain endpoints–domain controllers and computers in a Windows domain–that will be issued certificates by Certificate Enrollment Gateway.
For WSTEP enrollment, some machines also need TLS certificates. You will be configuring the TLS certificates later, starting in Configuring the TLS certificate of the Windows endpoints.
- Obtaining the URL of the Certificate Enrollment Policy Web Service
- Importing the CA certificate into Windows domain endpoints
- Configuring the Certificate Enrollment Policy Web Service for Windows domain endpoints
- Configuring the Certificate Enrollment Policy Web Service for Windows users
- Enabling certificate auto-enrollment for computers and domain controllers
- Enabling certificate auto-enrollment for users