Difference between revisions of "Key Store"
From MgmtWiki
(→Windows) |
(→Windows) |
||
Line 4: | Line 4: | ||
The original Windows Crypto API was build on RSA code by the AD team and treated certificates as the primary objects. Keys were depended from Certificates. While that changes with the CNG code base and Key Store Objects appeared, the certificate language remained. | The original Windows Crypto API was build on RSA code by the AD team and treated certificates as the primary objects. Keys were depended from Certificates. While that changes with the CNG code base and Key Store Objects appeared, the certificate language remained. | ||
{|border="1" padding="2" width="799px" | {|border="1" padding="2" width="799px" | ||
− | |Physical||Logical store || Description | + | |Physical||Logical store || Description of Contents |
|- | |- | ||
| My ||Personal || certificates associated with a private key controlled by the user or computer. | | My ||Personal || certificates associated with a private key controlled by the user or computer. | ||
Line 12: | Line 12: | ||
| ?? ||Enterprise Trust || certificate trust lists typically used to trust self-signed certificates from other organizations. | | ?? ||Enterprise Trust || certificate trust lists typically used to trust self-signed certificates from other organizations. | ||
|- | |- | ||
− | |CA ||Intermediate Certification Authorities | + | |CA ||Intermediate Certification Authorities || certificates issued to subordinate CAs in the certification hierarchy. |
|- | |- | ||
| ?? ||Active Directory User Object || the user object certificate or certificates published in Active Directory. | | ?? ||Active Directory User Object || the user object certificate or certificates published in Active Directory. | ||
Line 24: | Line 24: | ||
| TrustedPeople ||Trusted People || certificates issued to users or entities that have been explicitly trusted. | | TrustedPeople ||Trusted People || certificates issued to users or entities that have been explicitly trusted. | ||
|- | |- | ||
− | | ADDRESSBOOK ||Other People || | + | | ADDRESSBOOK ||Other People || certificates issued to users or entities that have been implicitly trusted. |
|- | |- | ||
| REQUEST ||Certificate Enrollment Requests || pending or rejected certificate requests. | | REQUEST ||Certificate Enrollment Requests || pending or rejected certificate requests. |
Revision as of 15:25, 26 June 2020
Full Title or Meme=
Where Keys, Certificates and Bindings can be found on each Operating system.
Windows
The original Windows Crypto API was build on RSA code by the AD team and treated certificates as the primary objects. Keys were depended from Certificates. While that changes with the CNG code base and Key Store Objects appeared, the certificate language remained.
Physical | Logical store | Description of Contents |
My | Personal | certificates associated with a private key controlled by the user or computer. |
Root | Trusted Root Certification Authorities | certificates from implicitly trusted certification authorities (CAs). |
?? | Enterprise Trust | certificate trust lists typically used to trust self-signed certificates from other organizations. |
CA | Intermediate Certification Authorities | certificates issued to subordinate CAs in the certification hierarchy. |
?? | Active Directory User Object | the user object certificate or certificates published in Active Directory. |
TrustedPublisher | Trusted Publishers | certificates from trusted CAs. |
?? | Untrusted Certificates | certificates that have been explicitly identified as untrusted. |
Root | Third-Party Root Certification Authorities | trusted root certificates from CAs outside the internal certificate hierarchy. |
TrustedPeople | Trusted People | certificates issued to users or entities that have been explicitly trusted. |
ADDRESSBOOK | Other People | certificates issued to users or entities that have been implicitly trusted. |
REQUEST | Certificate Enrollment Requests | pending or rejected certificate requests. |
FlightRoot | Preview Build Roots | |
TestSignRoot | Test Roots | |
eSIM Certification Authorities | eSIM Certification Authorities | |
Homegroup Machine Certificates | Homegroup Machine Certificates | |
Remote Desktop | Remote Desktop | |
SmartCardRoot | Smart Card Trusted Roots | |
SMS | SMS | |
TrustedAppRoot | Trusted Packaged App Installation Authorities | |
TrustedDevices | Trusted Devices | |
WebHosting | Web Hosting | |
WHSKeys | WHSKeys | |
Windows Live ID Token Issuer | Windows Live ID Token Issuer | |
Windows Web Management | Windows Web Management | |
ClientAuthIssuer | N/A | |
MSIEHistoryJournal | N/A | |
Trust | N/A |