2.2.2.6 Request Format

The Windows Client Certificate Enrollment Protocol is a simple request-response pattern between the client and the server (CA). The client MUST send the certificate request by using one of the following ASN.1 encoded message formats: PKCS #10, CMS, Netscape, or CMC. Each format contains a set of attributes and extensions that describe the request.

This section defines the format for the various client request types. A single ASN.1 encoded request makes up the entire byte buffer of a CERTTRANSBLOB (section 2.2.2.2) structure passed to the CA. Detailed processing rules for each of the message formats are specified in section 3.1.1.4.