Certificate Properties
Certificate Services supports the use of certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). The following are properties that are contained in a standard X.509 certificate.
| Field | Description |
|---|---|
| Version | Version number of the certificate format. |
| Serial Number | Serial number of the certificate. This number is assigned by the issuer and is unique within the issuer's list of issued certificates. |
| Algorithm Identifier and Parameters | Signature algorithm and any parameters used by the issuer. |
| Issuer | Name of the certification authority which issued the certificate. |
| Not Before (Date) | Certificate not valid before this date. |
| Not After (Date) | Certificate not valid after this date. |
| Subject Name | Name of the person or entity to whom the certificate is being issued. This field can also include the certificate recipient's organization, organization unit, locality, state or province, and country/region. |
| Subject Public Key Algorithm and Parameters | The algorithm and any parameters used for the subject's public key. |
| Subject Public Key | The actual public key (a bit string). |
| Signature | Signature as provided by the issuer. |
A certificate can contain the following items, depending on the X.509 version of the certificate.
| Optional field | Description |
|---|---|
| Issuer Unique ID | Used to make the issuer name unambiguous if it has been used by more than one entity. Present only in versions X.509 2.0 or later. |
| Subject unique ID | Used to make the subject name unambiguous if it has been used by more than one entity. Present only in X.509 2.0 or later. |
| Extensions | For specifying any desired custom properties. Any number of extension fields can be included in the certificate. Present only in version X.509 3.0. |
Note
Microsoft Certificate Services issues X.509 version 3 certificates.
Related topics