Hi Jason,

Welcome to MSDN newsgroup.
As for the X509 server certificate location question, here are some of my
understanding and suggestions:

1. For X509 certificate, the storage style (store in disk file or database
or ....  machine specific or ....) is depend on the CSP for certificate.
Currently the windows implementation for certificate services only provide
machine wide certificate store. We can only store certificate in user store
or machien store and both are limited to a certain machine.

2. As for the "securityTokenManager" you mentioned in WSE, it is used for
verifying and authenticating clientside security tokens (eg,
UsernameTokenManager, x509CertificateTokenManager.....). So it won't have
any effect on locating and retrieving server certificate.

So for your scenario, we still recommend that you install the server
certificate on all the necessary server machines which will be involved in
your cluster or loading balance environment.

Thanks,

Steven Cheng
Microsoft Online Support

--------------------
From: <jason.chen@newsgroups.nospam>
Subject: securityTokenManager loading X509 certificate
Date: Tue, 30 Aug 2005 12:31:42 -0400
Lines: 9
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.3790.326
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.326
Message-ID: <eN1iPBYrFHA.1028@TK2MSFTNGP12.phx.gbl>
Newsgroups: microsoft.public.dotnet.framework.webservices
NNTP-Posting-Host: a7cebc03.cst.lightpath.net 167.206.188.3
Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.dotnet.framework.webservices:7688
X-Tomcat-NG: microsoft.public.dotnet.framework.webservices

Hi, I'd like to store X509 cetificates in a central location (file server,
database, etc), and load them when needed, is it practical ? and in term of
implementation, can this be achieved by subclass 'securityTokenManager'? has
anyone done something similar and shed some lights on it?

thanks,
-Jason