Step 1 - Generating Key and Certificate
TSA Response Signing key(s) are required by the ADSS TSA Service to sign its responses sent back to the client applications. The Key Manager module is used to generate/import the required infrastructure keys.
In order to generate the keys within Key Manager module, see the section: Generating New Keys while for importing keys in ADSS Server that are issued by third parties, see the section: Importing Keys. Note that keys you want to import MUST be in PKCS#12/PFX format. When generating/importing a key for TSA response signing then select the key purpose "Timestamp Response Signing". Keys held in a PKCS#11 device can also be used for timestamp request/response signing, see the section Crypto Source to configure and import the keys from it.
Once the key pair is generated then Public Key needs to be certified. It can be certified by creating the Self Signed Certificates and/or Delegated Certificates.
See also
Step 2 - Configuring TSA Profile
Step 3 - Using the Service Manager