Partager via


Using the Enrollment Client Sample

Windows CE.NET provides a code sample that illustrates the client role for certificate enrollment. The sample is used to obtain a certificate for a Windows CE device from a Microsoft Windows 2000 or Windows Server 2003 with Web enrollment support installed. For the sample, the certificate authority is a Windows 2000 Certificate Server. The client sample is Enroll.exe and it is located in the %_WINCEROOT%\Public\Common\Sdk\Samples\Enroll directory.

For more information about the Microsoft Certificate Server, see the technical articles in Microsoft TechNet titled, Windows 2000 Certificate Services and Step by Step Guide for Setting up a Certificate Authority.

The enrollment process between the client, the sample, Enroll.exe, and the certificate authority, Windows 2000 Certificate Server, involves the following steps:

  1. Authenticating the client or user.
  2. Creating a PCKS #10 request.
  3. Posting the request.
  4. Retrieving the certificate.

In a Windows desktop environment, Microsoft Certificate Services provide a set of customizable active server pages (ASP) to handle the various stages of certificate enrollment. Most of these pages communicate with a Windows desktop client through the Certificate Enrollment Control. The Certificate Enrollment Control is a Microsoft ActiveX® control that handles all the client side operations in an enrollment scenario. The ASP pages combined with the Certificate Enrollment Control provide an Internet browser-based enrollment sample. However, many Windows CE devices do not have a browser and still require certificate enrollment capabilities. Because of that constraint, the Enroll.exe sample provides the capability for enrollment in an environment that does not include a fully functional browser.

**Note   **The Windows CE platform does not contain the Xenroll.dll, and therefore does not support the Icenroll interface that is available on the standard Windows platform.

The Windows CE enrollment scheme is based on standard Internet and Internet Engineering Task Force (IETF) protocols and can interact with the Windows 2000 Certificate Server without requiring added customization of the supplied templates and sample ASP pages. The following illustration shows the basic architecture and components for the enrollment sample included in Windows CE .NET.

See Also

Enrolling for a Certificate | How to Enroll for a Certificate Using the Default Configuration | How to Enroll for a Certificate Using the Modified Configuration | Creating an Enrollment Environment | Configuring Enroll.exe

Last updated on Wednesday, April 13, 2005

© 2005 Microsoft Corporation. All rights reserved.