Microsoft Certificate Server can be used to grant certificates to end-users within an organization so that they can conduct secure communications across the Internet and gain access to the corporate intranet.
Two examples include:
- Branch offices. The Internet supplements or serves as a corporate WAN.
- Supplier/vendor relationships. Intranet access granted to groups of users from key partners.
The Certificate Authority (CA) issuing the certificates can implement policies tailored to each case. An example of such a policy would include the following:
- Use authenticated RPC to receive certificate requests and transmit completed certificates.
- Check that the Issuer Organization and Issuer Organizational Unit information specified in certificate requests correctly identifies the CA server's organization (defined in the CA server's configuration file).
- Check that the Subject Common Name information specified in certificate requests matches the authenticated username.
Microsoft Certificate Server registers users for services on the Internet under conditions such as the following:
- Receives certificate requests and issues completed certificates over HTTP.
- Checks information in a certificate request against an external database.
- Optionally defers completion of the request so that the customer can be contacted personally for verification.
This set of conditions comprises a standard offline approval policy, appropriate when a high degree of user validation is needed.
Microsoft Certificate Server has features that make it valuable to organizations that choose not to rely on external certificate authorities and that need a flexible tool adapted to their own requirements.
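The two policies described above (the authenticated-RPC intranet policy and the offline approval policy) can be modelled as plain decision functions. The following C++ is an added example, not Microsoft's policy-module interface or any code from the product: the text-form DN layout, the request fields, the CA configuration struct and the in-memory "external database" are all assumptions made for the illustration.

```cpp
// Added example: models the intranet policy and the offline approval policy
// as verdict functions. Not Microsoft's policy-module API; the request shape,
// DN text format and in-memory database are assumptions for this example.
#include <algorithm>
#include <cctype>
#include <iostream>
#include <map>
#include <string>

enum class Verdict { Issue, Deny, Pending };

// Fields a policy module would read from a decoded PKCS #10 request, plus the
// transport context reported by the intermediary application (assumed shape).
struct CertRequest {
    std::string subjectDn;          // e.g. "CN=alice,OU=Engineering,O=Contoso"
    std::string issuerDn;           // the CA the requester expects to sign
    std::string transport;          // "RPC", "HTTP", "FILE", ...
    bool        authenticated;      // transport-level authentication succeeded
    std::string authenticatedUser;  // user name established by that authentication
};

// Identity of this CA as read from its configuration (assumed shape).
struct CaConfig {
    std::string organization;
    std::string organizationalUnit;
};

static std::string trim(const std::string& s) {
    std::size_t b = s.find_first_not_of(" \t");
    std::size_t e = s.find_last_not_of(" \t");
    return b == std::string::npos ? "" : s.substr(b, e - b + 1);
}

static bool iequals(const std::string& a, const std::string& b) {
    return a.size() == b.size() &&
           std::equal(a.begin(), a.end(), b.begin(), [](unsigned char x, unsigned char y) {
               return std::tolower(x) == std::tolower(y);
           });
}

// Parses "KEY=value,KEY=value" into a map keyed by upper-cased attribute type.
// Values containing commas are not handled; real requests carry DER-encoded
// names, so a production module would read the decoded fields instead.
std::map<std::string, std::string> parseDn(const std::string& dn) {
    std::map<std::string, std::string> fields;
    std::size_t start = 0;
    for (;;) {
        std::size_t comma = dn.find(',', start);
        std::string part = dn.substr(start, comma == std::string::npos ? std::string::npos : comma - start);
        std::size_t eq = part.find('=');
        if (eq != std::string::npos) {
            std::string key = trim(part.substr(0, eq));
            std::transform(key.begin(), key.end(), key.begin(),
                           [](unsigned char c) { return static_cast<char>(std::toupper(c)); });
            fields[key] = trim(part.substr(eq + 1));
        }
        if (comma == std::string::npos) break;
        start = comma + 1;
    }
    return fields;
}

static std::string field(const std::map<std::string, std::string>& m, const std::string& k) {
    auto it = m.find(k);
    return it == m.end() ? "" : it->second;
}

// Policy 1 (intranet access): authenticated RPC only, the issuer O/OU must name
// this CA, and the subject CN must match the authenticated user name.
Verdict intranetPolicy(const CertRequest& req, const CaConfig& ca) {
    if (req.transport != "RPC" || !req.authenticated) return Verdict::Deny;
    auto issuer = parseDn(req.issuerDn);
    if (field(issuer, "O") != ca.organization || field(issuer, "OU") != ca.organizationalUnit)
        return Verdict::Deny;
    auto subject = parseDn(req.subjectDn);
    if (!iequals(field(subject, "CN"), req.authenticatedUser)) return Verdict::Deny;
    return Verdict::Issue;
}

// What the external database holds about an applicant (assumed shape).
struct ApplicantRecord {
    std::string email;      // compared against the subject's E attribute (assumed)
    bool identityVerified;  // set once the applicant has been contacted in person
};
using ExternalDb = std::map<std::string, ApplicantRecord>;  // keyed by subject CN

// Policy 2 (offline approval over HTTP): the request must match a database
// record, and issuance is deferred (Pending) until the applicant is contacted.
Verdict offlineApprovalPolicy(const CertRequest& req, const ExternalDb& db) {
    if (req.transport != "HTTP") return Verdict::Deny;
    auto subject = parseDn(req.subjectDn);
    auto it = db.find(field(subject, "CN"));
    if (it == db.end()) return Verdict::Deny;
    if (!iequals(field(subject, "E"), it->second.email)) return Verdict::Deny;
    return it->second.identityVerified ? Verdict::Issue : Verdict::Pending;
}

const char* verdictName(Verdict v) {
    switch (v) {
        case Verdict::Issue:   return "issue";
        case Verdict::Deny:    return "deny";
        default:               return "pending";
    }
}

int main() {
    // Constructed sample data, not real requests.
    CaConfig ca{"Contoso", "Corporate CA"};
    CertRequest intranet{"CN=alice,OU=Engineering,O=Contoso", "OU=Corporate CA,O=Contoso", "RPC", true, "Alice"};
    ExternalDb db{{"bob", {"bob@example.test", false}}};
    CertRequest offline{"CN=bob,E=bob@example.test,O=Partner", "OU=Corporate CA,O=Contoso", "HTTP", false, ""};
    std::cout << "intranet: " << verdictName(intranetPolicy(intranet, ca)) << "\n";   // issue
    std::cout << "offline:  " << verdictName(offlineApprovalPolicy(offline, db)) << "\n"; // pending
    return 0;
}
```

The separation the page describes is visible here: the policy functions never touch the transport or the key store, they only read decoded request fields and the CA's own configuration, so a change of policy is confined to these two functions.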
Certificate Server accepts standard Public-Key Cryptography Standards (PKCS) #10 requests and issues X.509 version 1.0 and 3.0 certificates. Modules called extension handlers support additional certificate formats. Certificate Server works with non-Microsoft clients and browsers, and non-Microsoft Web servers. Certificate Server can write certificates to any database or directory service supported by a custom exit module.
Certificates are granted according to policies that define the criteria requesters must meet to receive a certificate. For example, one policy may grant commercial certificates only if applicants present their identification in person. Another policy may grant credentials based on e-mail requests. An agency that issues credit cards may choose to consult a database and make phone inquiries before issuing a card.
Policies are implemented in policy modules written in Java, Microsoft Visual Basic, or Microsoft C/C++. Certificate Server functions are isolated from any changes in policy that an agency might implement; such changes can be carried out entirely in the server policy module code.
Certificates can be requested and distributed through any transport mechanism. Certificate Server accepts certificate requests from an applicant and posts certificates to the applicant through Hypertext Transfer Protocol (HTTP), Remote Procedure Call (RPC), disk file, or a custom transport.
Transports are supported by intermediary applications and exit module DLLs, usually written in Microsoft C/C++. The intermediary applications and exit modules isolate the Certificate Server functions from communicating with any particular transport.
The security of a certification system depends on how the private keys are protected. The design of Certificate Server ensures that individuals cannot gain unauthorized access to private-key information. Certificate Server relies on Microsoft CryptoAPI to perform key management, thus isolating Certificate Server from these confidential pieces of data. The CryptoAPI functions can also use anything from software modules to hardware-based key engines for the generation and protection of keys, allowing a user to select a level of key-management strength appropriate for their organization.
Certificate Server leverages the reliability features incorporated into Microsoft Windows NT Server network operating system. The Windows NT architecture protects applications from damaging each other and the operating system by employing structured exception handling and the NTFS file system. Windows NT provides protection through its built-in security and has United States Government C2 certification.
Microsoft Certificate Server architectural elements include the server engine that handles certificate requests and other modules that perform tasks by communicating with the server engine.