Microsoft® Certificate Server is included with the Windows NT 4.0 Option Pack, however, it is not installed as part of the Typical option in setup. To install Certificate Server, run the Windows NT 4.0 Option Pack Setup. If you have already installed the Option Pack, click the Add/Remove button (which enables you to add a component to the existing installation), select the Certificate Server check box, and then proceed with setup. If you have not yet installed the Option Pack, click the Custom button during setup, select the Certificate Server check box, and then proceed with setup.
The Certificate Server is a command-line executable file (installed by default in the \WINNT\System32\ directory) that runs as a Windows NT service. Generating a certificate involves running the CertReq application (certreq.exe) while the Certificate Server service is running.
net start certsvc
certreq filename.crq filename.crt filename.chn
The CertReq application generates a certificate (.crt) file and a certificate chain (.chn) file, based on the request. The .crt file contains only the certificate, while the .chn file contains the certificate plus the certificate for the issuing authority. The Certificate Management Tool requires a certificate chain file (.chn), but because the .crt is a required parameter, a .crt file is generated as well.