The Microsoft Certificate Server issues, revokes, and renews digital certificates that can be used for client authentication. Client authentication allows users to automatically validate themselves with a server in the most secure and straightforward manner currently available. Also, the certificate server allows for server customization by allowing the installation and configuration of different certificate issuance policies along with different certificate signature algorithms.

Certificate Services provides customizable services for issuing and managing certificates used in software security systems employing public key technologies.

You can use Certificate Services in Windows 2000 to create a certification authority (CA) which will receive certificate requests, verify the information in the request and the identity of the requester, issue certificates, revoke certificates, and publish a certificate revocation list (CRL)

Certificate Services can also be used to:

• Enroll users for certificates from the CA using the Web or the Certificates snap-in, depending upon the policy used by the CA.
• Use certificate templates to help simplify the choices a certificate requester has to make when requesting a certificate, depending upon the policy used by the CA.
• Take advantage of Active Directory for publishing trusted root certificates, publishing issued certificates, and publishing CRLs.
• Implement the ability to log on to a Windows domain using a smart card

Customizing Certificate Services

Certificate Services include programmable interfaces so that we can create support for additional transports, policies, and certificate properties and formats.

To request information on Microsoft X.509 Certificate Service or any other product please click the Information Request menu item.