In the context of Microsoft Application Center 2000, an application is a list of resources that are synchronized within, or deployed to, a cluster. This listing references resources so that more than one application can reference the same resource. Deployment in Application Center is the transfer of content and configuration settings from one cluster, usually a stager, to another (usually the production cluster). This differs from synchronization, which replicates content and configuration settings from the cluster controller to one or more cluster members, ensuring that all synchronized content is identical across the cluster. However, the processes and resources that are used are identical and you can deploy and synchronize content by using the Application Center snap-in.
You cannot explicitly add X.509 certificates to applications by using the Application Center snap-in or the command-line tool. However, they are automatically synchronized or deployed with their associated Web sites if the private key can be exported. Furthermore, the X.509 certificate must be used for server authentication and bound to a name that is valid across the cluster, such as the cluster's shared DNS name. I'm not sure why you do not want to deploy the IIS Web server certificate to the production server, but I would try creating and using a non-exportable certificate so it can't be included in the automatic deployment process.
This was first published in November 2005