1
00:00:02,720 --> 00:00:05,480
And once that's done, once you've created all of these templates,

2
00:00:05,480 --> 00:00:07,210
we now need to publish these.

3
00:00:07,210 --> 00:00:09,380
So we've created the certificate templates.

4
00:00:09,380 --> 00:00:11,540
These are stored in Active Directory.

5
00:00:11,540 --> 00:00:14,800
Now we have to tell our CA that it's allowed to issue them.

6
00:00:14,800 --> 00:00:18,440
So let's jump over to the CA Management Console where we started.

7
00:00:18,440 --> 00:00:21,890
We'll highlight Certificate Templates. And here, you'll see that there

8
00:00:21,890 --> 00:00:25,840
are no published templates in this folder.

9
00:00:25,840 --> 00:00:29,400
And that's, again, because this is a brand‑new lab that I set up for

10
00:00:29,400 --> 00:00:31,900
this course, and so no templates have been issued.

11
00:00:31,900 --> 00:00:34,950
Your environment looks very different, I'm sure.

12
00:00:34,950 --> 00:00:37,020
But once we're ready to deploy these certificates,

13
00:00:37,020 --> 00:00:39,130
you're just going to right‑click on the Templates folder and

14
00:00:39,130 --> 00:00:42,140
choose New and Certificate Template to Issue.

15
00:00:42,140 --> 00:00:45,490
And here, we're going to select our certificate templates that we

16
00:00:45,490 --> 00:01:02,170
created previously. (Working) And there you have it.

17
00:01:02,170 --> 00:01:05,650
These certificates are now available to be consumed by

18
00:01:05,650 --> 00:01:08,710
users or identities in your organization.

19
00:01:08,710 --> 00:01:11,860
Now, it's important to know that if you have multiple issuing CAs,

20
00:01:11,860 --> 00:01:16,040
you may need to do the same process on multiple servers.

21
00:01:16,040 --> 00:01:21,580
Also, keep in mind, this is a single domain domain controller

22
00:01:21,580 --> 00:01:24,590
lab. There's no issues with replication.

23
00:01:24,590 --> 00:01:27,660
You are creating these certificate templates in Active Directory, and

24
00:01:27,660 --> 00:01:30,450
they do have to replicate before they will be available.

25
00:01:30,450 --> 00:01:34,170
So, if you have a large organization and you've created these templates and

26
00:01:34,170 --> 00:01:37,640
you don't see them available immediately, don't panic.

27
00:01:37,640 --> 00:01:40,310
You can either force replication or go grab a cup of

28
00:01:40,310 --> 00:01:42,540
coffee and wait for it to complete.

29
00:01:42,540 --> 00:01:49,000
Once replication completes, then you'll see those templates, and you'll be able to publish them.