Microsoft® Certificate Server provides customizable services for issuing and managing certificates used in software security systems employing public-key cryptography. Certificate Server performs a central role in the management of software security systems to enable secure communications across the Internet, corporate intranets, and other nonsecure networks.
Certificate Server receives requests for new certificates over transports such as RPC, HTTP, or e-mail. It checks each request against custom or site-specific policies, sets optional properties for the certificate to be issued, and issues the certificate. Certificate Server allows administrators to add elements to a certificate revocation list (CRL), and publish a signed CRL on a regular basis. Programmable interfaces are included for developers to create support for additional transports, policies, and certificate properties and formats.
Certificate Server generates certificates in standard X.509 format. Certificates in X.509 format are commonly used to authenticate servers and clients performing secure communications using the Secure Sockets Layer (SSL) protocol.