Upcoming series of Post, i am going to set up CA(Certificate Authority) server and deploy PKI certificates for SCCM 2012 server. Here is my LAB environment.
I am using two-tier PKI hierarchy deployment which includes ROOT CA and Subordinate CA.
ROOT CA :
A ROOT CA is a top of PKI infrastructure hierarchy and generates a self signed certificate. The certificates are used for data protection, identification, and authorization. We are making ROOT CA as not connected to network and Company domain in order to keep all certificates generated by this in secure place and not to stolen or hacked by any unauthorized person. It is also called as Offline ROOT CA.
We can transfer Offline ROOT CA certificates to Subordinate CA using Removable media(USB drive, CD/DVD)
Subordinate CA is placed in Domain joined network and it will receive the certificates signed from offline ROOT CA and issue the certificates.
Part 2 : Install and configuring Offline ROOT CA server running Windows Server 2012.