To configure the Microsoft CA as an external CA select the Microsoft CA from the CA Type drop down. The following page will be shown to configure the Microsoft CA:

The items in the above screen are described below:

Items

Description

CA Alias

An operator-defined unique name for easy management of certificate authorities within ADSS Server. This is only for human identification purposes.

CA Type

ADSS Server can be configured to get the certificates issued from the Microsoft CA. Requests received at certification service are forwarded the Microsoft CA for certification issuance.

Note: ADSS Server only supports the CREATE request when Microsoft CA is configured as external CA.

CA Certificate

All the CA certificates configured in Trust Manager with purpose CA (will be used to verify other certificates and CRLs) will be available here for configurations. 
Select the Microsoft CA which will be used to issue the target certificates. 

Note: It is required to register the complete chain of the Microsoft CA in Trust Manager

CA Address

Define the URL that this CA listens on for certificate request messages. 

Microsoft Certificate Template

Provide the template name which is deployed at Microsoft CA machine. This template contains all the content for the certificate to be generated.

User Name

Specify the Windows Domain User in the provided field. 

Password

Specify the password for the above provided user.


See also

ADSS CA Server
Symantec MPKI
GlobalSign EPKI
GlobalSign HVCI
EJBCA
QuoVadis CA
Entrust CA
Offline External CA
DigiCert PKI
SPOC Server