Certificate Templates

Get the basics about certificate templates.

ITPro Today

August 22, 2002

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Certificate templates let you specify the types of certificates that users or computers can request from your Certificate Authority (CA). A certificate template limits the purposes (e.g., email, smart card logon, Windows 2000 Encrypting File System—EFS—IP Security—IPSec) for which you can use certificates that you base on that template. You can also edit a template's ACL to restrict the users or computers who can request certificates based on the template. Because the users, computers, and CA are all part of a Win2K Active Directory (AD) forest, the CA can rely on Kerberos to identify and authenticate the users or computers who make certificate requests, thereby enforcing the certificate template’s ACL.

You can use Group Policy to configure authorized computers to automatically request a certificate from the CA according to the IPSEC certificate template. That way, only those computers can obtain a certificate from the CA and use that certificate to authenticate and communicate with a specified server through IPSec.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like