
Microsoft CA server

Integration guide

This guide covers the complete process needed to set up a Microsoft CA server integration using a CA connector in DigiCert® Trust Lifecycle Manager.

The integration supports discovery of existing certificates from the Microsoft CA into your Trust Lifecycle Manager account, where you can monitor and manage them. It also lets you use Trust Lifecycle Manager to enroll new certificates against the Microsoft CA.

Architecture

The integration architecture consists of the following systems:

  • DigiCert Trust Lifecycle Manager. The central management platform where you configure the connector and subsequently discover, enroll, and manage certificates from the integrated Microsoft CA.

  • DigiCert sensor. Used to manage the integration. Must be installed on a dedicated Windows host on your network that can connect to both DigiCert Trust Lifecycle Manager and the Microsoft CA server.

  • Microsoft CA server. The Microsoft server running the CA to use with Trust Lifecycle Manager. Must be running Windows Server 2019 or later and have Active Directory Certificate Services (AD CS) installed.

[Figure: Microsoft CA integration architecture]
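The requirements in the list above can be checked before installation with a short pre-flight script. This is an added example, not part of the DigiCert documentation: the function names are hypothetical, the host names are placeholders, and the ports (443 for Trust Lifecycle Manager, 135 for the CA's RPC endpoint mapper) are assumptions that this guide does not state.

```powershell
# Added example: pre-flight checks for the requirements in the Architecture list.
# Function names are hypothetical; host names and ports are assumptions.

function Test-CaServerPrerequisite {
    # Run locally on the Microsoft CA server.
    $os      = Get-CimInstance -ClassName Win32_OperatingSystem
    $feature = Get-WindowsFeature -Name ADCS-Cert-Authority
    $svc     = Get-Service -Name CertSvc -ErrorAction SilentlyContinue

    [pscustomobject]@{
        OsCaption       = $os.Caption
        # ProductType 1 = workstation; 2 and 3 are server editions.
        IsServerOs      = $os.ProductType -ne 1
        # Windows Server 2019 is build 17763; later releases have higher builds.
        Is2019OrLater   = [int]$os.BuildNumber -ge 17763
        AdcsCaInstalled = [bool]$feature.Installed
        CertSvcRunning  = ($null -ne $svc) -and ($svc.Status -eq 'Running')
    }
}

function Test-SensorHostReachability {
    # Run on the Windows host intended for the DigiCert sensor.
    param(
        [Parameter(Mandatory)] [string] $TlmHost,
        [Parameter(Mandatory)] [string] $CaHost,
        [int] $TlmPort = 443,   # assumption: HTTPS
        [int] $CaPort  = 135    # assumption: RPC endpoint mapper
    )
    $targets = @(
        @{ Name = $TlmHost; Port = $TlmPort },
        @{ Name = $CaHost;  Port = $CaPort }
    )
    foreach ($target in $targets) {
        $r = Test-NetConnection -ComputerName $target.Name -Port $target.Port `
                                -WarningAction SilentlyContinue
        [pscustomobject]@{
            Target    = $target.Name
            Port      = $target.Port
            Reachable = $r.TcpTestSucceeded
        }
    }
}

# Example invocations (placeholder host names):
# Test-CaServerPrerequisite
# Test-SensorHostReachability -TlmHost 'tlm.example.invalid' -CaHost 'ca01.example.invalid'
```

A successful TCP connection only shows that the path is open; it does not confirm that the sensor's account has the permissions it needs on the CA.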

Workflow

The complete integration workflow involves these steps: