Collaborate Disseminate
Is there any tool out there that will monitor my system’s use of root CAs? So far I have not found anything, and so I am hoping that this community will know if such a tool exists.
For background, I use Windows, which comes with its own c… Continue reading Is there a tool for auditing my root certificates?
I have a key pair which I used to generate a CSR.
Once I enrolled that CSR PKCS10, I get from the PKI (or CA) a certificate signed with the PKI private key.
From here, I would like to know if my private key is useful in any way in regards … Continue reading What happens to the key pair once the CSR has been enrolled?
Regarding the TLS 1.3 Handshake Protocol:
When the Server sends it’s certificate, exactly how does the Client validate this?
I know at a high level the Client is verifying the data the Server sent matches what the Certificate Authority con… Continue reading What happens at a low level when authenticating server certificates?
how are you?
My orgazation is transitioning to using GoDaddy certificates, and I’m exploring if there’s an established automated process to download and apply renewed certificates from GoDaddy to our Windows or Linux servers
I’ve been rese… Continue reading Godaddy automatic renewals (Powershell & alternatives)
To this date, is there a specification or a de-facto industry standard or how applications are supposed to perform certification path building in the context of X.509? I am specifically asking about the part of the certification path build… Continue reading Certification path building for 509 certificates
I am using Fiddler, and I have to insert a CA Cert to decrypt the SSL certificate coming out of my device. My device running Android 13 is rooted, and when I installed my cert, it went into the user’s section (as expected).
However, I also… Continue reading Move a user CA cert to a trusted root cert in Android 13
I have my own CA root certificate and I’ve been signing CSR (with this certificate) directly with openssl x509 -req (internal https, mqtts, etc). For a project I need to have revocation lists of the signed certificates and so I googled how… Continue reading The current crlnumber file is not being created [closed]
I have an IoT device which is failing to establish a connection with the cloud. The problem is related to the device X509 certificate (to the best of my understanding). I’ve posted a version of this question in the general stackoverflow to… Continue reading How to resolve an issue with potential mismatch between device certificate and CA certificate?
How to renew the Root CA certificate on Microsoft Active Directory Enterprise Root Certificate Authority Windows Server 2012 R2?
The certificate expired on 27 Aug. 2023, getting the error below while renewing. I have the updated registry t… Continue reading How to renew the Root CA Certificate on Microsoft Active Directory Enterprise CA [migrated]
I’m new and I’m trying to understand default_crl_days. The default is 30 days thus does it mean after 30 days, the CRL list can no longer be trusted? If so, do we need to generate a new list before 30 days is up?
And what would be the reco… Continue reading What is default_crl_days in OpenSSL and recommended days?