Certificate Properties

Certificate Services supports the use of certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). The following are properties that are contained in a standard X.509 certificate.

VersionVersion number of the certificate format.
Serial NumberSerial number of the certificate. This number is assigned by the issuer and is unique within the issuer's list of issued certificates.
Algorithm Identifier and ParametersSignature algorithm and any parameters used by the issuer.
IssuerName of the certification authority which issued the certificate.
Not Before (Date)Certificate not valid before this date.
Not After (Date)Certificate not valid after this date.
Subject NameName of the person or entity to whom the certificate is being issued. This field can also include the certificate recipient's organization, organization unit, locality, state or province, and country/region.
Subject Public Key Algorithm and ParametersThe algorithm and any parameters used for the subject's public key.
Subject Public KeyThe actual public key (a bit string).
SignatureSignature as provided by the issuer.


A certificate can contain the following items, depending on the X.509 version of the certificate.

Optional fieldDescription
Issuer Unique IDUsed to make the issuer name unambiguous if it has been used by more than one entity.

Present only in versions X.509 2.0 or later.

Subject unique IDUsed to make the subject name unambiguous if it has been used by more than one entity.

Present only in X.509 2.0 or later.

ExtensionsFor specifying any desired custom properties. Any number of extension fields can be included in the certificate.

Present only in version X.509 3.0.


Note  Microsoft Certificate Services issues X.509 version 3 certificates.

Related topics

Name Properties