Processing Certificate Requests
Certificate Services performs the following steps when processing a certificate request:
Request reception.
The certificate request is sent by the client to an intermediary application, which formats it into a PKCS #10 format request and submits it to the server engine.
Request approval.
The server engine calls the Policy Module, which queries request properties, decides whether the request is authorized or not, and sets optional certificate properties.
Certificate formation.
If the request is approved, the server engine takes the request, and any properties requested by the Policy Module, and builds a complete certificate.
Certificate publication.
The server engine stores the completed certificate in the Certificate Services database and notifies the intermediary application of the request status. If the exit module has so requested, the server engine will notify it of a certificate issuance event. This allows the exit module to perform further operations such as publishing the certificate to an external certificate repository (for example, a directory service). Meanwhile, the intermediary gets the published certificate from Certificate Services and passes it back to the client.
The following illustration shows how a certificate request is processed by Certificate Services.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for