Purpose

Yes

Encryption, Signature, Signature and encryption, and Signature and smartcard logon

Delete revoked or expired certificates (do not archive)

Yes

Include symmetric algorithms allowed by the subject

Yes

SMIME settings

Archive subject’s encryption private key

No

Authorize additional service accounts to access the private key

No

Allow private key to be exported

Yes

Renew with the same key

Yes

For automatic renewal of smart card certificates, use the existing key if a new key cannot be created

Yes

Enroll subject without requiring any user input

Yes

Prompt the user during enrollment

No

Prompt the user during enrollment and require user input when the private key is used

No