Key Management Server (KMS)

What is KMS (Key Management Server)?

Key Management Server (KMS) is a component of Microsoft Exchange Server version 5.5 that provides encryption and digital signature services for secure messaging. KMS enables you to send secure mail using Secure/Multipurpose Internet Mail Extensions (S/MIME) algorithms such as DES, 3DES, RC2-40, RC2-64, and RC2-128, and monitors all security functions for Microsoft Exchange. KMS is implemented as a Microsoft Windows NT service and requires that Microsoft Certificate Server be installed on a machine in your enterprise to issue user certificates. KMS uses Certificate Server to generate digital certificates and key pairs.

Once KMS is installed and configured in an Exchange organization, security can be administered using two objects in the Exchange directory hierarchy displayed in the Exchange Administrator tool:

  • Certificate authority (CA), a directory object for configuring security for users
  • Site Encryption, a directory object for configuring security for sites

Only one KMS can be installed in an Exchange organization. Service Pack 1 and later for Exchange Server 5.5 include additional enhancements and fixes for KMS, so it’s recommended that you install the service pack before using KMS.