Command-Line Utilities
Certificate Services includes three command-line tools you can use for various administrative tasks. Although none of these tools are necessary for ordinary operation of your CAs, sometimes they come in handy.
The Certsrv Tool
Certsrv.exe is the actual executable that implements the Certificate Services code. Normally, you start and stop the server using the Services snap-in; however, you can manually start it from the command line. This allows you to start the server only when you need to issue a new certificate; many sites choose to run their root CAs in this on-demand mode because it helps reduce the risk of an accidental or malicious issuance of an unwanted certificate.
As an extra bonus, if you run Certsrv.exe with ...
Get Microsoft® Windows Server 2003: Administrator’s Companion now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
