準備 CAPolicy.inf 檔案Prepare the CAPolicy.inf File

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

在 CA1,您必須先安裝 Active Directory 憑證服務準備 CAPolicy.inf 檔案。On CA1, you must prepare the CAPolicy.inf file before installing Active Directory Certificate Services.

若要執行此程序,您必須是系統管理員群組成員。To perform this procedure, you must be a member of the Administrators group.

準備 CAPolicy.inf 檔案To prepare the CAPolicy.inf file

  1. 開放的 Windows PowerShell,輸入「記事本」c:\Windows\CAPolicy.inf按下 ENTER。Open Windows PowerShell, type notepad c:\Windows\CAPolicy.inf and press ENTER.

  2. 出現提示時,以建立新的檔案,請按一下[是]When prompted to create a new file, click Yes.

  3. 輸入與檔案:Enter the following as the contents of the file:

    [Version]  
    Signature="$Windows NT$"  
    [PolicyStatementExtension]  
    Policies=InternalPolicy  
    [InternalPolicy]  
    OID=1.2.3.4.1455.67.89.5  
    Notice="Legal Policy Statement"  
    URL=http://pki.corp.contoso.com/pki/cps.txt  
    [Certsrv_Server]  
    RenewalKeyLength=2048  
    RenewalValidityPeriod=Years  
    RenewalValidityPeriodUnits=5  
    CRLPeriod=weeks  
    CRLPeriodUnits=1  
    LoadDefaultTemplates=0  
    AlternateSignatureAlgorithm=1  
    [CRLDistributionPoint]  
    [AuthorityInformationAccess]  
    
  4. 按一下檔案,然後按另存新檔Click File, and then click Save As. 請確定下列動作:Ensure the following:

    • 檔案名稱設定為 [ CAPolicy.infFile name is set to CAPolicy.inf

    • 另存新檔輸入設定為 [的所有檔案Save as type is set to All Files

    • 編碼]ANSIEncoding is ANSI

  5. 當您接到覆寫的檔案時,請按一下[是]When you are prompted to overwrite the file, click Yes.

    「記事本」對話方塊

    警告

    務必儲存 CAPolicy.inf inf 副檔名。Be sure to save the CAPolicy.inf with the inf extension. 如果您不專門輸入.inf結尾的檔案名稱及選取的選項所述,檔案將會被儲存成文字檔案和 CA 安裝時將無法使用。If you do not specifically type .inf at the end of the file name and select the options as described, the file will be saved as a text file and will not be used during CA installation.

  6. 關閉「記事本」。Close Notepad.

重要

在 CAPolicy.inf,您可以看到指定 URL http://pki.corp.contoso.com/pki/cps.txt 行。In the CAPolicy.inf, you can see there is a line specifying the URL http://pki.corp.contoso.com/pki/cps.txt. 只顯示的方式,您可以指定的位置 (CPS) 憑證做法聲明,例如 CAPolicy.inf 內部原則區段。The Internal Policy section of the CAPolicy.inf is just shown as an example of how you would specify the location of a certificate practice statement (CPS). 本指南,您不指示建立憑證做法聲明 (CPS)。In this guide, you are not instructed to create the certificate practice statement (CPS).