Certificate Enrollment
A CA is a fussily bureaucratic beast. It will not issue certificates to just anyone. A client must submit its certificate request in a special format so that its identity can be quickly and reliably verified before its public key can be incorporated into a signed certificate. This process is called enrollment.
The most popular format for submitting enrollment requests is the PKCS #10 Certification Request. See RFC 2986, “PKCS #10: Certification Request Syntax Version 1.7,” for details about the contents of the request. (Documentation is also available at the RSA web site, www.rsalabs.com.) A PKCS #10 certificate request contains the following information:
Client's public key. This is the key the client wants the CA to ...
Get Inside Windows® Server 2003 now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.