1.3 Overview

This specification defines the syntax and interpretation of certificate templates. Certificate templates are data structures that specify how certificate requests and certificates are constructed and issued as documented in [MS-WCCE]. The structures also provide settings that influence the behavior of the computer certificate autoenrollment feature that is described in [MS-CERSOD]. Certificate templates are stored as objects in Active Directory.

The Windows Client Certificate Enrollment Protocol, as specified in [MS-WCCE], is documented separately. Windows Client Certificate Enrollment Protocol is the protocol by which clients request certificates from the CA and by which any issued certificates are returned to the client. Certificate templates can be thought of as playing a part in that protocol because of their abilities to constrain behaviors of the CAs; otherwise, interactions between templates and the Windows Client Certificate Enrollment Protocol are not limited. A client in the Windows Client Certificate Enrollment Protocol can specify a template for the CA to use in building a certificate, but in that context, a template is just another complex data structure that is passed as a parameter to a Windows Client Certificate Enrollment Protocol method.