You have a Windows Server 2008 R2 Enterprise Root CA . Security policy prevents port 443 and port 80 from being opened on domain controllers and on the issuing CA
You need to allow users to request certificates from a Web interface. You install the Active Directory Certificate Services (AD CS) server role.
What should you do next?
A.
Configure the Online Responder Role Service on a member server.
B.
Configure the Online Responder Role Service on a domain controller.
C.
Configure the Certificate Enrollment Web Service role service on a member server.
D.
Configure the Certificate Enrollment Web Service role service on a domain controller.