Cigarette Smoking Man – WindowsTechs.com

What mechanism stops smartcards and YubiKeys from exporting private keys?

Posted on June 18, 2023 by Cigarette Smoking Man

How are the above devices built and what is the mechanism that seals them off from giving out private keys? Are the sign/decrypt operations somehow soddered into their hardware, is it a tiny piece of software which only API is to perform t… Continue reading What mechanism stops smartcards and YubiKeys from exporting private keys?→

Is there a reason why generating a root CA with `openssl req …` (with no -x509) followed by `openssl x509 …` doesn’t copy/preserve extensions?

Posted on January 8, 2021 by Cigarette Smoking Man

Is there a reason for not copying certificate signing request’s (CSR) extensions over to certificate when creating a root CA the following way?

openssl req -config openssl.cnf -new -key ca.key.pem -out ca.csr.pem -addext ‘basicConstraints… Continue reading Is there a reason why generating a root CA with `openssl req …` (with no -x509) followed by `openssl x509 …` doesn’t copy/preserve extensions?→