Windows Server – Locate CA / Certificate Services

KB ID 0001163

Problem

A colleague was having some certificate problems onsite the other week. Someone suggested just using Certificate Services to simplify matters. I said I’d spin it up and configure it for him, (I’ve done a lot of Microsoft CA work, search the site!)

My fist question was, “Do they already have certificate services?’, unsurprisingly the answer was “I don’t know”.

So if you’re on a domain, and you want to locate your CA server, or simply find out if you have one, what do you do?

Solution

The simplest option is look in Active Directory Users and Computers, then locate the ‘Cert Publishers’ group and look at its members.

Or you can run adsiedit.msc >  CN=Certification Authorities, CN=Public Key Services, CN=Services, CN=Configuration, DC={domain-name},DC={domain-extension}

Easy Option: If you’re lazy, (like me!) Simply run the following command;

certutil –config – -ping

If you don’t have any CA’s this is what you will see;

Locate Domain Certificate Services

But if you do (below there is one, but there may be many);

Find CA Server

Related Articles, References, Credits, or External Links

NA

Author: PeteLong

Share This Post On

Submit a Comment

Your email address will not be published. Required fields are marked *