Windows Server Summit 2026 | Part 16: Future-proofing PKI with AD CS in Windows Server 2025

Reading time: 3 minutes


The Active Directory Certificate Service (AD CS) is one of the core services of Active Directory. It enables the use of certificates for a wide variety of application scenarios. For example, it allows organizations to completely eliminate the use of passwords for user logins.

At the same time, AD CS is a very static construct and must be carefully planned from the outset for a long operational lifespan (e.g., 20–30 years). As a result, this role rarely receives new features. Nevertheless, AD CS is not a dying technology; on the contrary, it is now receiving a significant enhancement that will enable its secure use for years (and decades) to come.

This article discusses the new features in AD CS.

PKI and changes in the ecosystem

With the advent of quantum computing, significant security risks have emerged for classical encryption algorithms: a sufficiently powerful quantum computer could break them in a very short amount of time. It is expected that such quantum computers will be available around the year 2030. Accordingly, quantum-resistant algorithms have already been developed and are ready for deployment.

Furthermore, the use of certificates is steadily increasing. Therefore, doing away with certificates to circumvent the aforementioned security risks is out of the question.

For existing infrastructures, there is thus a need for action to adequately address these developments—especially given that PKI structures, in particular, can only be changed very slowly due to their long lifespans and validity periods.

With its QSP strategy, Microsoft therefore aims to enable the early introduction of quantum-resistant PKI in 2029 and to complete the transition by 2033.

PQC in AD CS

Accordingly, the AD CS role in Windows Server will be upgraded with quantum-resistant algorithms. This will take place in two phases:

  • Phase 1: Support for ML-DSA (algorithm for digital signatures, such as code signing and authentication; already available)
    • Variants: 44/65/87
    • Signing mode: Pure mode (no hash)
  • Phase 2: Composite certificates and support for ML-KEM (key encapsulation algorithm, e.g., for TLS and S/MIME)

Since Phase 1 has already been completed, new certificate authorities can already be set up using quantum-resistant algorithms. This enables a gradual transition from the previous platform to the new one. All that is required is to install the May update for Windows Server 2025. Windows Client has supported such certificates since Build 24H2.

Important to note: the keys are significantly larger than before (1–2 KB or 2–4 KB compared to 256 bytes for RSA and 96 bytes for ECC). This must be taken into account when planning storage and bandwidth.

Composite certificates will allow for a combination of classical and quantum-resistant algorithms. During verification, both signatures must be successfully validated, which increases protection compared to validating a single algorithm.

AD CS beyond Post-Quantum

Microsoft offers some tips on how to prepare your infrastructure for the introduction of quantum-resistant certificates:

  • Migrate all certificates to CNG providers and no longer allow legacy providers
  • Deploy or migrate to Windows 11 and Windows Server 2025 across the board
  • Deploy .NET 10 to support quantum-resistant algorithms
  • Enable TLS 1.3 or enforce it where possible (a prerequisite for using quantum-resistant certificates)
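As an added example (not from the article or from Microsoft), a PowerShell inventory script that checks the two preparation points a PKI administrator can act on first: whether machine certificates still have their private key in a legacy CSP rather than a CNG provider, and which public-key and signature algorithms (including ML-DSA, recognised by its NIST OID) the installed certificates use, with the encoded public-key size in bytes for the storage planning note above. Assumptions: PowerShell 5.1 or later on Windows, read access to the LocalMachine\My store, and the NIST CSOR OIDs for ML-DSA-44/65/87.

```powershell
# Added example, not from the article or Microsoft. Assumes PowerShell 5.1+ on
# Windows and read access to the local machine certificate store.
# ML-DSA OIDs are the NIST CSOR values (assumption: these are what AD CS emits).
$MlDsaOids = @{
    '2.16.840.1.101.3.4.3.17' = 'ML-DSA-44'
    '2.16.840.1.101.3.4.3.18' = 'ML-DSA-65'
    '2.16.840.1.101.3.4.3.19' = 'ML-DSA-87'
}

# Returns 'CNG', 'Legacy CSP', 'Unknown' or 'n/a' for a certificate's private key.
# .NET hands back RSACng/ECDsaCng for CNG-backed keys and an
# *CryptoServiceProvider class for keys stored by a legacy CAPI provider.
function Get-KeyProviderKind {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    if (-not $Cert.HasPrivateKey) { return 'n/a' }
    try {
        $key = switch ($Cert.PublicKey.Oid.Value) {
            '1.2.840.113549.1.1.1' { [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert) }
            '1.2.840.10045.2.1'    { [System.Security.Cryptography.X509Certificates.ECDsaCertificateExtensions]::GetECDsaPrivateKey($Cert) }
            default                { $null }   # e.g. ML-DSA: no classic accessor in PowerShell 5.1
        }
        if ($null -eq $key) { return 'Unknown' }
        if ($key.GetType().Name -like '*CryptoServiceProvider') { return 'Legacy CSP' }
        return 'CNG'
    } catch { return "Error: $($_.Exception.Message)" }
}

# One row per certificate: algorithms, encoded public-key size and provider kind.
function Get-PqcReadinessReport {
    param([string]$StorePath = 'Cert:\LocalMachine\My')
    Get-ChildItem -Path $StorePath | ForEach-Object {
        $keyOid = $_.PublicKey.Oid.Value
        $sigOid = $_.SignatureAlgorithm.Value
        [pscustomobject]@{
            Subject        = $_.Subject
            NotAfter       = $_.NotAfter
            KeyAlgorithm   = $(if ($MlDsaOids[$keyOid]) { $MlDsaOids[$keyOid] } else { $_.PublicKey.Oid.FriendlyName })
            # DER-encoded SubjectPublicKey: roughly 270 bytes for RSA-2048, under 100 for ECC, 1-3 KB for ML-DSA
            PublicKeyBytes = $_.PublicKey.EncodedKeyValue.RawData.Length
            SignedWith     = $(if ($MlDsaOids[$sigOid]) { $MlDsaOids[$sigOid] } else { $_.SignatureAlgorithm.FriendlyName })
            Provider       = Get-KeyProviderKind -Cert $_
        }
    }
}

# Usage: list the keys that block the CNG migration first, soonest expiry on top.
Get-PqcReadinessReport | Where-Object { $_.Provider -eq 'Legacy CSP' } |
    Sort-Object NotAfter | Format-Table -AutoSize
```

Drop the `Where-Object` filter to see the full inventory, including which certificates are already ML-DSA signed.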

Best practices in AD CS

Finally, Microsoft lists a few best practices for operating a PKI:

  • Enhanced monitoring—monitor the PKI using appropriate tools, closely monitor the issuance of certificates deemed critical to ensure security, and also utilize the new event IDs
  • Scalable certificate revocation—use CRL partitioning to improve performance, especially in large environments
  • Access to CPS policy—enable and ensure access to the Certificate Policy Statement from all network segments and areas

