Public Key Infrastructure (PKI)

Types of Certificates in Windows Server 2016

Types of Certificates in Windows Server 2016

In this blog, post I’ll explain you more about Types of Certificates in Windows Server 2016. The broad term for a certificate environment is known as Public Key Infrastructure (PKI).Your PKI is provided by servers in your network, and configuring those servers to issue certificates for you is the what I will be showing you going forward.

The servers which you determine to be your certificate servers are known as certification authority (CA) servers.

Types of common certificate:

  1. User Certificates
  2. Computer certificates
  3. SSL certificates
  4. Single-name certificates
  5. Subject Alternative Name certificates
  6. Wildcard certificates

User Certificates

A user certificate is one used for purposes that are specific to the username itself.
One of the platforms that is driving more certificate adoption is the network authentication process. Companies who are looking into stronger authentication in their environments are often looking into certificates as part of that authentication process.

Use case 1: Smart cards are one of the specific mechanisms that can be used for this purpose. Many times the core functionality of the smart card authentication is provided by a user certificate that has been stored on that smart card.

Use case 2: Another authentication form that is becoming more popular is one-time-passwords (OTP). This requires the user to enter a randomly generated pin number in addition to their regular login criteria, and in some cases when the user enters their pin, they are being issued a temporary user certificate to be used as part of the authentication chain.

Use case 3: User certificates are commonly found is when companies employ file encrypting technologies
such as EFS (Encrypting File System).

You can use the commands below to launch their respective consoles:

CERTSRV.MSC – To launch Certification Authority Management
CERTTMPL.MSC – To launch Certificate Template Management
CERTLM.MSC – To launch Local Computer Certificates Store


In my next blog, post I will explain you about User Certificates.