SECURING MICROSOFT PKI DEPLOYMENT BASED ON MICROSOFT ACTIVE DIRECTORY CERTIFICATE SERVICES (AD CS)
The Microsoft (MS) Server package already contains a PKI. With that PKI a Certificate Authority (CA) can be established. The trust of the entire system and validity of each issued certificate depends upon the protection of the CA key issuing the identities.Therefore, Microsoft best practices recommend storing private keys on a HSM.
Contact us if you want to know more about our products and offering.