Cryptographic Service Provider
Cryptographic service provider (CSP) allows you to select a Microsoft or third-party cryptographic provider to handle cryptography and certificate management. Each cryptographic provider can create a public and private key to encrypt the data that is sent to and from the Web server. The private key is stored at the server on hardware, on a Peripheral Component Interconnect (PCI) card, on a smart card, or in the registry, as it is for the two default providers that Microsoft installs: Microsoft DH SChannel Cryptographic Provider and Microsoft RSA SChannel Cryptographic Provider.
IIS certificate storage is now integrated with the Microsoft Cryptographic API (Crypto API). The Crypto API contains identical methods and properties for every cryptographic provider. This allows you to switch between cryptographic providers without having to rewrite code.