Viewing Extended Information

Applies To: Windows Server 2003 with SP1

Viewing Request Attributes

Request Attributes are name-value string pairs that are passed to the certificate server and stored in the database for possible use by the policy module or exit module. They are intended to be used for customer-specific purposes to control the behavior of a custom policy or exit module. They do not directly affect the certificate content. They may be used by the policy module to affect certificate content, but that is determined by the custom policy module, not the default policy module. To review a Request Attribute for a specific request, use the following command, replacing nnnn with the Request ID of the request being examined:

certutil –view –restrict requested=nnnn –out attrib:all 

Removing CA Information from the Directory

Enterprise CA information is stored in the configuration container of Active Directory, most specifically in the Enrollment Services container of the Public Key Services node. Various pieces of information stored in the Public Key Services node of the configuration partition in Active Directory can be viewed or removed with the PKI Health Tool.