[Version]
Signature = "$Windows NT$"

[Global]
FreshMode = Minimal | Typical | Custom
MaintenanceMode = AddRmove | reinstallFile | reinstallComplete | RemoveAll
UpgradeMode = UpgradeOnly | AddExtraComps

[Components]
certsrv = ON
certsrv_client = ON
certsrv_server = ON
;certsrv = OFF
;certsrv_server = OFF
;certsrv_client = OFF

;// web client component attributes
[certsrv_client]
;// machine name to which web client is connected
;CAMachine = xtan1

;// ca name on the machine to which web client is connected
;CAName = ca name


;// server client component attributes
[certsrv_server]
;// ca type; one of "EnterpriseRoot", "EnterpriseSubordinate",
;// "StandaloneRoot", & "StandaloneSubordinate"
CAType = StandaloneRoot

;// this ca common name
Name="my test name"

;// this ca organization name
Organization="my test org"

;// this ca organization unit
OrganizationalUnit="my organizational unit"

;// this ca locality
Locality="my locality"

;// this ca state or province
State="my state"

;// this ca country code
Country=UA

;// this ca description
Description="my description"

;// this ca email address
Email="my@email.com"

;// this ca validity period
ValidityPeriod=3

;// this ca validity period unit
;// one of "years" "months" "weeks" "days"
ValidityPeriodUnits=Months

;// shared folder, optional if empty or omit
Sharedfolder="d:\caconfig"

;// if not defined, default would be saved to dir same as CA cert file
;// except the file extension is req
;RequestFile="d:\caconfig\subca.req"

;// if defined, subordinate CA setup becomes online
;ParentCAMachine=xtan1

;// if not defined, will use ParentCAMachine to ping and get parent CA name
;ParentCAName="My Parent CA"

;// csp name
;CSPProvider="Microsoft Base DSS Cryptographic Provider"

;// hash algorithm, MD5, SHA1, MD4, or hash id
;HashAlgorithm=md5

;// key length
;KeyLength=1024

;// use existing key if not empty
;ExistingKey="my test name"

;// use existing cert, depends on ExistingKey, YES or NO
;UseExistingCert=YES

;// use existing database, depends on both ExistingKey & UseExistingCert
;// either YES or NO
;PreserveDB=NO

;// Specify storage location for the certificate database.
;// Default: "%windir%\system32\certlog"
;DBDir="d:\dbdir"

;// Specify storage location for the certificate database log.
;// Default: "%windir%\system32\certlog"
;LogDir="d:\logdir"

;// Allow certsvc service to interact with the desktop. Useful when selecting
;// a CSP that needs interaction with the desktop, such as a smart card CSP
;// Value: YES | NO
;// Default: NO
;Interactive=YES