Adding the Microsoft CA

Make sure that you meet the prerequisites, and then perform the following steps in this section.

Note: In the ActivID CMS Repository settings for the Active Directory, the base node must be set to the forest level to make sure that the ActivID CMS can detect the Microsoft CA. If the base node is set at the OU level, ActivID CMS might not be able to detect the Microsoft CA.
  1. Log on to the Operator Portal, and go to the Repositories Management page.

  2. Click Add Certificate Authority.

  3. In the Provider drop-down list, select Microsoft Certificate Server 2008/2012.

  4. In the Template drop-down list, select the appropriate template.

  5. Click Submit to display the Certificate Authority Creation page again.

    • Optionally, you can specify a revocation reason which is going to be sent to the CA when performing one of the specified operations:

      • Device is Terminated,

      • Device is Lost,

      • Device is Stolen,

      • Device is Damaged,

      • Device is Expired,

      • Device is Re-issued,

      • Device Applications are Updated

    • The possible revocation reasons are:

      • Unspecified,

      • Affiliation Changed,

      • CA Compromise,

      • Certificate Hold,

      • Cessation of Operation,

      • Key Compromise,

      • Superseded.

  6. Click Test. The connectivity check results are displayed in the Test Report box

  7. Click Create. A confirmation page is displayed. For more information, refer to Configuring a PKI Application Using a Microsoft CA.