Microsoft Certificate Server provides services for processing certificate requests and issuing digital certificates. Certificate Server performs the following steps when processing a certificate request:
Server Engine
The server engine is the core component of Certificate Server. The engine acts as a broker for all requests it receives from the entry modules, driving the flow of information between components during the processing of a request and generation of a certificate. At each processing stage, the engine interacts with the various modules to ensure appropriate action is taken based on the state of the request.
The intermediary is the architectural component that receives new certificate requests from clients and submits them to the server engine.
The intermediary is composed of two parts: the intermediary application, which performs actions on behalf of clients, and the Certificate Server Client Interface, which handles communications between the intermediary application and the server engine.
Intermediaries can be written to handle certificate requests from different types of clients, across multiple transports, or according to policy-specific criteria.
Microsoft Internet Information Server (IIS) is an intermediary that provides support for clients over HTTP. Intermediaries can also check on the status of a previously submitted request and obtain the Certificate Server's configuration information.
Certificate Publication
The Server Engine stores the completed certificate in the certificate store and notifies the intermediary application of the request status. If the exit module has so requested, the Server Engine will notify it of a certificate issuance event. This allows the exit module to perform further operations such as publishing the certificate to a directory service. Meanwhile, the intermediary gets the published certificate from the certificate store and passes it back to the client.
Policy Module
The policy module contains the set of rules governing issuance, renewal, and revocation of certificates. All requests received by the server engine are passed to the policy module for validation. Policy modules are also used to parse any supplemental information provided within a request and set properties on the certificate accordingly.
Extension Handlers
Extension handlers work in tandem with the policy module to set custom extensions on a certificate. Each extension handler acts as a template for the custom extensions that should appear in a certificate. The policy module must load the appropriate extension handler when it is needed.
Exit Modules
Exit modules publish completed certificates and CRLs through any number of transports or protocols. By default, the server notifies each exit module installed on the server whenever a certificate or CRL is published.
Certificate Server provides a Component Object Model (COM) interface for writing custom exit modules for different transports/protocols or custom delivery options. For example, an LDAP exit module might be used to publish only client certificates in a Directory Service and not server certificates. In this case, the exit module can use the COM interface to determine the type of certificate that the server is issuing and filter out any that are not client certificates.
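The filtering decision described above, modeled in Python as an added example (it is not Certificate Server code; a real exit module is a COM component). It assumes the module classifies a certificate by the DER-encoded value of its Extended Key Usage extension, which the text does not specify. The function names, the sample bytes, and the choice to withhold certificates with a missing, malformed, or dual-purpose EKU are likewise assumptions.

```python
# Added example (not Certificate Server code); EKU-based typing is an assumption.
CLIENT_AUTH = "1.3.6.1.5.5.7.3.2"  # id-kp-clientAuth
SERVER_AUTH = "1.3.6.1.5.5.7.3.1"  # id-kp-serverAuth

def read_tlv(buf, pos):
    """Return (tag, value, next_pos); short-form DER lengths only (< 128)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80 or pos + length > len(buf):
        raise ValueError("long-form or overrunning DER length")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    """Decode the content octets of a DER OBJECT IDENTIFIER to dotted form."""
    if not body or body[-1] & 0x80:
        raise ValueError("malformed OID")
    arcs, value = [], 0
    for b in body:  # base-128 arcs; a set high bit means more bytes follow
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    first = min(arcs[0] // 40, 2)  # first two arcs share one encoded value
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def parse_eku(der):
    """Parse an EKU extension value: SEQUENCE OF OBJECT IDENTIFIER."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("EKU must be exactly one DER SEQUENCE")
    oids, pos = set(), 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag != 0x06:
            raise ValueError("EKU entries must be OBJECT IDENTIFIERs")
        oids.add(decode_oid(value))
    return oids

def should_publish(eku_der):
    """Publish only client certificates; fail closed on missing or bad EKU."""
    try:
        oids = parse_eku(eku_der or b"")
    except ValueError:
        return False
    return CLIENT_AUTH in oids and SERVER_AUTH not in oids

# Constructed sample EKU values (not taken from any real certificate).
CLIENT_EKU = bytes.fromhex("300a06082b06010505070302")
SERVER_EKU = bytes.fromhex("300a06082b06010505070301")
```

Failing closed means a certificate whose type cannot be established is never written to the directory, which is the safer default for a publishing filter.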
Windows Media publishing point
To create a new publishing point (to stream Windows Media files) in Windows Media Services 9 by using the MMC snap-in:
1. On the Start menu of your Windows 2003 Server, go to Programs -> Administrative Tools -> Windows Media Services to open the snap-in.
2. In the console tree, expand the server to which you want to add the publishing point, and then click Publishing Points.
3. On the Action menu, click Add Publishing Point (Wizard), and complete the wizard to add your desired publishing point.