Centralized Certificates

 

Applies To: Windows Server 2012 R2, Windows Server 2012

Use the Centralized Certificates feature page to configure and manage a central certificate store for your server farm. Rather than replicating all SSL certificates across all servers in the web farm. The certificates are stored on a single server that hosts the central certificate store. This not only saves memory on all servers in the farm, but it changes the limit of SSL sites on a single server from 500 to more than 10,000.

Related scenarios

In this document

UI Elements for Centralized Certificates

The following tables describe the UI elements that are available on the feature page and in the Actions pane.

Feature Page Elements

Element Name

Description

File name

Displays the file names of the certificates.

Name

Displays the names of certificates that have been issued to clients that are running on either Internet or intranet hosts.

Issued To

Displays the fully qualified domain names (FQDNs) of either the Internet or intranet hosts to which certificates have been issued.

Issued By

Displays the FQDNs of servers that have issued certificates to clients that are running on either Internet or intranet hosts.

Expiration Date

Displays the date that the certificate expires.

Certificate Hash

Displays binary data produced by using a hashing algorithm. Although this data uniquely identifies a certificate, the hash data cannot be used to trace a certificate because hashing is a one-way process.

Actions Pane Elements

Element Name

Description

Explore certificates location

Opens Windows Explorer in the directory where the certificates are stored on the Central Certificate Store server.

Edit Feature Settings

Opens the Edit Centralized Certificates Settings dialog box.

Edit Centralized Certificates Settings Dialog Box

Element Name

Description

Enable Centralized Certificates

Select the Enable Centralized Certificates check box if you want to create a central certificate store for your web farm. Otherwise, clear the check box.

Physical path

Type the physical path to the directory on the central certificate store server where you want the certificates stored.

User name

Type the name of the user account to use when accessing the central certificate store.

Password

Type the user account password.

Confirm password

Type the user account password again to confirm the password.

Private Key Password (Optional)

If you want to define a private-key password for accessing certificates, type the password, and then type it again to confirm it. You can define only one private-key password for the central certificate store.