Retrieving the Certificate

When the certificate authority has successfully processed the request and the certificate has been issued, the certificate request identification is returned to the client. The client posts a message to the Windows 2000 Certificate Server that includes the request identification for the certificate and the encoding type. This is specified by the CERT_PICKUP_TEMPLATE option in the enrollment configuration file and can be modified if the default page layout is changed. For more information about the enrollment configuration file, see Configuring Enroll.exe.

Then the certificate is encoded and transmitted to the client over HTTP. On the client-side, Enroll.exe loads the certificate in the store specified in the enrollment configuration file. By default this is the "My Certificates" store. The certificate is associated with its private key by setting the CRYPT_KEY_PROV_INFO certificate property. Any certificate-aware application can now access this certificate from the store.

See Also

Enrolling for a Certificate | How to Enroll for a Certificate Using the Default Configuration | How to Enroll for a Certificate Using the Modified Configuration | Creating an Enrollment Environment | Configuring Enroll.exe | Configuring Enroll.exe

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.