6 Certificate authorities
MyID can integrate with a Certificate Authority (CA)
You must install and configure the CA that you are going to use to issue and manage certificates before you install MyID.
Note: Integration with a CA is optional. You can skip this section if you do not want to issue certificates through MyID.
Warning: Instructions for configuring MyID to work with a specific CA are provided in the
MyID supports certificates issued to hardware (written to smart cards or tokens) or soft certificates (stored in an individual’s certificate store on the local machine). It may be possible to issue some certificates as both hard and soft certificates.
Normally, soft certificates are issued directly to the person to whom they relate, as that person must be logged on to the computer for the certificate to be written to the correct certificate store. MyID provides the facility for an operator to request a soft certificate on someone’s behalf, save it to file, and then send it to the named person by any suitable method, such as email.
MyID automatically detects the presence of a Microsoft Certificate Services CA
All certificate policies are initially disabled. You must manually enable the CA and the particular certificate policies that you want to issue.