Microsoft Certificate Server includes Web-based administration tools that provide services for accessing the data contained in the server database. These tools include the Certificate Log Utility and Certificate Queue Utility for administering data in the server log and server queue, respectively. Additional administration tools may be written using the administration interface.
Microsoft Certificate Server runs as a Microsoft Windows NT service. By default, it is set up to have automatic Startup Type. Consequently, it will start automatically when the operating system loads unless the service has been reconfigured to have manual Startup Type. Additionally, The Certificate Authority service will stop automatically when the operating system is unloaded, or it can be stopped manually.
Microsoft Certificate Server issues digital certificates that enable server and client authentication under the Secure Sockets Layer (SSL) protocol. The process of obtaining a digital certificate is called certificate enrollment. This process begins with a client submitting a certificate request and ends with the installation of the issued certificate in the client application.
Certificate Server includes an HTTP enrollment control with forms for the following certificate enrollment tasks:
- Installing Certificate Authority (CA) certificates.
- Enrolling a Web server.
- Client certificate enrollment using Microsoft® Internet Explorer version 3.0 or later.
- Client certificate enrollment using Netscape Navigator.
The enrollment control and its forms are accessed through the Certificate Server Enrollment Page. This page is available from the Certificate Server Administration Tools Web Page.