Export (0) Print
Expand All
1161 out of 1440 rated this helpful - Rate this topic

Active Directory Certificate Services

Updated: November 27, 2007

Applies To: Windows Server 2008

Active Directory Certificate Services (AD CS) includes certification authorities (CAs), Online Responders, Network Device Enrollment Services, and related client services that support the issuance and management of digital x.509 certificates used in a variety of applications. Applications that use digital certificates include secure wireless networks, virtual private networks (VPNs), Internet Protocol security (IPsec), Network Access Protection (NAP), Encrypting File System (EFS), and smart card logon.

Hierarchy of Managed Entities

2ae68f93-255f-4c9e-b3a3-9f388be77c5a

Managed Entities

Name Description

AD CS Certification Authority (CA)

Certification authorities (CAs) accept certificate requests, verify the requester's identifying information according to the policy of the CA, and then use their private keys to digitally sign the certificates that they issue. CAs are also used to revoke certificates that are no longer valid before their scheduled expiration date and to publish certificate revocation lists (CRLs) that are used to verify the validity of published certificates.

AD CS Online Responder

The Microsoft Online Responder service makes it possible to configure and manage Online Certificate Status Protocol (OCSP) validation and revocation checking in Windows-based networks. The Online Responder snap-in allows you to configure and manage revocation configurations and Online Responder Arrays to support public key infrastructure (PKI) clients in diverse environments.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.