DevOps

TMW02 Configuring Active Directory Certificate Services for DSC Credential Encryption

11/15/2017

8:00am - 9:15am

Level: Intermediate

Melissa Januszko

Technology Architect

Cerner Corporation

There are times when you may have to run parts of a DSC Configuration under alternate, highly privileged credentials. Encryption is an absolute must for protecting these credentials in any production environment. Encrypting credentials in PowerShell DSC Configurations requires a PKI infrastructure that issues document encryption certificates. This session will show you how to configure a PKI infrastructure for your DSC needs; including why you want a PKI, how to set up a two–tier PKI, and how to configure the PKI to issue document encryption certificates.

You will learn:

  • Best practices for setting up a PKI
  • How to install and configure ADCS using DSC
  • How to configure the AD and ADCS infrastructure to issue certificates
  • How to use the certificates to encrypt credentials in a DSC configuration