Viewing Extended Information
Updated: August 13, 2009
Applies To: Windows Server 2003 with SP1
Viewing Request Attributes
Request Attributes are name-value string pairs that are passed to the certificate server and stored in the database for possible use by the policy module or exit module. They are intended to be used for customer-specific purposes to control the behavior of a custom policy or exit module. They do not directly affect the certificate content. They may be used by the policy module to affect certificate content, but that is determined by the custom policy module, not the default policy module. To review a Request Attribute for a specific request, use the following command, replacing nnnn with the Request ID of the request being examined:
certutil –view –restrict requested=nnnn –out attrib:all
Removing CA Information from the Directory
Enterprise CA information is stored in the configuration container of Active Directory, most specifically in the Enrollment Services container of the Public Key Services node. Various pieces of information stored in the Public Key Services node of the configuration partition in Active Directory can be viewed or removed with the PKI Health Tool.