3 Protocol Details

The Windows Client Certificate Enrollment Protocol is a simple request-response protocol: the client sends a certificate request, and the server responds with either a signed certificate or a detailed disposition message. The primary use of this protocol is certificate enrollment. In almost all cases, an exchange consists of a single message followed by a single reply. An overview of subprotocols is specified in section 1.3.1. Many of the DCOM methods that are specified in section 2 are made available for nonprotocol functions, such as diagnostics.