Administering Server Authentication

Applies To: Windows Server 2008

Provides information regarding administration of Message Queuing server authentication.

Message Queuing 5.0 server authentication is performed exclusively through the use of Kerberos V5. The use of server certificates as a server authentication method is not a supported option when using Message Queuing 5.0.

Kerberos Authentication

Server authentication is used by clients to authenticate queries sent to domain controllers and Message Queuing servers. A client can verify that the query results have not been tampered with and that the results were returned by the correct domain controller or Message Queuing server. As of the release of Message Queuing 4.0, the only supported server authentication method between clients and servers is Kerberos V5. Message Queuing 1.0 and 2.0 (when running against an MSMQ 1.0 controller server on NT 4.0) supported the use of server certificates. Since the support lifecycle for all operating systems that run MSMQ 1.0 has ended, the use of server certificates as a server authentication method is no longer supported.