Certificate Authorities (CAs)
A Certificate Authority (CA) issues certificates. In addition to trusted third-party commercial companies such as VeriSign, a Windows Server 2003 system can be configured to issue certificates and to verify that an existing certificate is legitimate and belongs to the claimed entity.
Before issuing a certificate, a CA must validate the applicant's identity.
You should consider the following points before installing a CA in Windows Server 2003:
- Think twice about installing a CA on a Domain Controller, as this could result in overloading.
- Make sure you're happy with the computer name: it can't be renamed after loading Certificate Services nor can the computer join or leave a domain.
- Use a unique CA name for each CA in your enterprise.
There are two main types of Windows Server 2003 CAs, each of which can be a Root or Subordinate Certificate Server: Enterprise CA and Standalone CA.
Next: Enterprise CA