Your network contains an Active Directory domain named contoso.com. The network
contains a server named Server1 that runs Windows Server 2012. Server1 has the Active
Directory Certificate Services server role installed. Server1 is configured as an offline
standalone root certification authority (CA).
You install the Active Directory Certificate Services server role on Server2 and configure the
server as an enterprise subordinate CA.
You need to ensure that the certificate issued to Server2 is valid for 10 years.
What should you do first?
A.
Modify the subordinate CA certificate template.
B.
Modify the registry on Server2.
C.
Modify the registry on Server1.
D.
Modify the CAPolicy.inf file on Server2.
E.
Modify the CAPolicy.inf file on Server1.