Active Directory Certificate Services

Applies To: Windows Server 2008

Active Directory Certificate Services (AD CS) provides customizable services for issuing and managing certificates in software security systems that use public key technologies. For background information about public key cryptography and the benefits of having a public key infrastructure (PKI), see Public Key Infrastructures.

You can use AD CS to create one or more certification authorities (CA) to receive certificate requests, verify the information in the requests and the identity of the requester, issue certificates, revoke certificates, and publish certificate revocation data.

With AD CS, you can also:

  • Set up Web enrollment, the Network Device Enrollment Service, and the Online Responder service.

  • Manage enrollment and revocation of certificates for users, computers, services, and network devices such as routers.

  • Use Group Policy to distribute and manage certificates.

Additional references