Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

II. Establishing a PKI > 15. Issuing Certificates

Chapter 15. Issuing Certificates

Having created the required certificate templates, the next step is to determine how to get the certificates to the desired computers, users, or network devices.

A certificate request involves actions performed at the computer where the certificate request is generated and at the certification authority (CA) that issues the certificate to the requestor.

When a certificate request is initiated, the process shown in Figure 15-1 takes place.

The certificate enrollment process

Figure 15-1. The certificate enrollment process

  1. When the user generates a request for a certificate, the client computer asks the cryptographic service provider (CSP) designated by the certificate template or selected by the user to generate a key pair.

  2. The CSP generates a key pair based on the key length designated in the certificate template or selected by the user. If the CSP is software-based, the key pair is generated in the user’s profile. If the CSP is for hardware, such as a smart card, the key pair is generated on the hardware device.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint