Now for sale, the book version of the Building a Certificate Authority in Windows Server 2019 guide that I published in early 2020. The guide has been greatly expanded and includes many additional details and steps that were not included in the original guide.
What good is a Certificate Authority in an Active Directory environment if there is no way to automatically deploy the Certificates? Luckily, with the use of Group Policy and a few configuration changes to Certificate Templates, this is a fairly easy task.
For every Certificate Authority, it is inevitable that you are eventually going to need to revoke a Certificate for one reason or another. The Online Responder Role in Active Directory Certificate Services is capable of rapidly revoking Certificates and ensuring that users in your organization are notified as quickly as possible.
Once the Certificate Authority has been created it is time to deploy those Certificates to the organization. Through the use of Group Policy with Active Directory, this is a fairly easy task, and can deploy the Certificates to the organization in only a few minutes.
Once the Root CA has been created, the Subordinate CA needed to be setup. This Subordinate CA is needed to do all of the work for the Certificate Authority. It will issue all Certificates to the organization and handle the day to day operations.