Chi.C.J.Rajeeva Lochana – WindowsTechs.com

Is there a standard order for the X.509 extensions of a certificate?

Posted on February 7, 2021 by Chi.C.J.Rajeeva Lochana

Is there a standard order for the X.509 extensions of a certificate?
For example:
[ myca_extensions ]
basicConstraints = critical,CA:FALSE
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectKeyIdentifier … Continue reading Is there a standard order for the X.509 extensions of a certificate?→

Can CRL and CA Issuers urls contain spaces?

Posted on February 7, 2021 by Chi.C.J.Rajeeva Lochana

I am using OpenSSL
For example, I have a CRL/CA Issuers URL that is like this:
http://pki.example.com/Example Intermediate Certificate Authority.crl

#CA Issuers
caIssuers;URI.0 = http://pki.example.com/Example Intermediate Certificate Aut… Continue reading Can CRL and CA Issuers urls contain spaces?→

When I run this command in OpenSSL, it also creates a file called `serial_number.pem`

Posted on February 6, 2021 by Chi.C.J.Rajeeva Lochana

Note that 00 in 00.pem is the serial number of the certificate.
When I run this command, it also creates a file called 00.pem in the new certs directory.
The 00.pem has the same content as enduser-example.com.crt.
Here is the command:
open… Continue reading When I run this command in OpenSSL, it also creates a file called `serial_number.pem`→

Every cert name in CRL database contains ‘unknown’

Posted on February 6, 2021 by Chi.C.J.Rajeeva Lochana

Every cert name in CRL database contains ‘unknown’, here is the CRL db:
# here is the problem………………………vvvvvvv………………………………………….
V 220206113901Z 43434A524C5231 unknown /C=IN/… Continue reading Every cert name in CRL database contains ‘unknown’→

Can two different Root certificates have the same serial number?

Posted on February 6, 2021 by Chi.C.J.Rajeeva Lochana

Can two different Root certificates and their intermediate certs have the same serial number?
I issue two root certificates:
Organization: My Example Organization:

My Example Organization Root Certificate Authority (serial number is 00)
-… Continue reading Can two different Root certificates have the same serial number?→

Can my Root, Intermediate and SAN certificates have the same serial number?

Posted on February 4, 2021 by Chi.C.J.Rajeeva Lochana

Can my Root, Intermediate and SAN certificates have the same serial number?
The serial number is 00.
If the Root, Intermediate and SAN should not have same serial numbers, then should I use the random serial number which gets generated whe… Continue reading Can my Root, Intermediate and SAN certificates have the same serial number?→

I am unable to use an RSA key generated with the -aes-256-gcm option in openssl, help

Posted on January 16, 2021 by Chi.C.J.Rajeeva Lochana

When I run:
openssl genrsa -aes-256-gcm -out rootca.key 4096

Then I get the following output:
$ openssl genrsa -aes-256-gcm -out rootca.key 4096
Generating RSA private key, 8192 bit long modulus (2 primes)
…………………………….. Continue reading I am unable to use an RSA key generated with the -aes-256-gcm option in openssl, help→

What if someone made Google SafeBrowsing flag a website by hosting a malicious site locally?

Posted on March 21, 2020 by Chi.C.J.Rajeeva Lochana

I have seen many posts here about /etc/hosts, but I don’t see them addressing this issue. The issue is:

If a person adds 127.0.0.1 mywebsite.com to their /etc/hosts file and 127.0.0.1 has dangerous social engineering and other malicious c… Continue reading What if someone made Google SafeBrowsing flag a website by hosting a malicious site locally?→