3.6.4.2.4.1 EnrolleeCertificatePublicKey

The EnrolleeCertificatePublicKey complex type contains a public key and an associated GUID.

 <s:complexType name="EnrolleeCertificatePublicKey">
   <s:sequence>
     <s:element minOccurs="0" maxOccurs="1"
                name="aPublicKeyBytes"
                type="s:base64Binary" />
     <s:element minOccurs="1" maxOccurs="1"
                name="Guid"
                type="s1:guid" />
   </s:sequence>
 </s:complexType>
  

aPublicKeyBytes: MUST contain the server's RSA PKCS#1-encoded public key as a base64-encoded string.

Guid: MUST be a unique GUID that identifies the server, represented as a literal ASCII string enclosed in braces. If the server has not previously acquired an SLC chain as specified in section 3.1.3.2, the server generates a new GUID. Otherwise, the server uses the GUID specified in the ISSUEDPRINCIPALS element of its SLC as specified in section 2.2.9.3.3.