Collaborate Disseminate
RFC 4262, "X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities", defines the S/MIME Capabilities Extension which allows to communicate through the X.509 certificate the encryption al… Continue reading Any client still supporting the S/MIME Capabilities Extension in 2023?
Just out of curiosity, could you provide (old) real world X.509 v2 certificate examples that include the deprecated (in some version of X.509) and forbidden (in RFC 5280) issuerUniqueIdentifier or subjectUniqueIdentifier fields?.
A bonus p… Continue reading Real world X.509 v2 certificate examples?
I’ve observed the practice of generating dedicated issuer CAs for signing TSU (Time-Stamping Unit) certificates instead of just using another existing issuer CA, for example, one used to sign S/MIME certificates or SSL certificates.
Now, … Continue reading Why generate dedicated issuer CA for TSU certificates?
I’m not really aware of FIPS 140-2 requirements, but AFAIK some MS cryptographic libraries are FIPS 140-2 level 1 certified, so here it goes my question:
If I do have the following requirement:
Signature private keys has to be stored … Continue reading Is Windows certificate store FIPS 140-2 level 1 certified?
Over time I have installed several additional trusted CA certificates to Windows trust store, sometimes because an app pushed me to do so, other times for reasons of development and testing.
Is there any command to restore the default (o… Continue reading How to reset Windows trusted certificates store to its default [closed]
Say I have these URLs:
https://example.org/
https://example.org/criticalpath
I want the first one to be served with a domain validated commercial SSL certificate and the second one with an extended validation SSL certific… Continue reading Is it technically possible to configure two different SSL certificates for the same domain?