Collaborate Disseminate
A vulnerability in SSL.com has resulted in nearly a dozen certificates for legitimate domains being wrongly issued.
The post SSL.com Scrambles to Patch Certificate Issuance Vulnerability appeared first on SecurityWeek.
Continue reading SSL.com Scrambles to Patch Certificate Issuance Vulnerability
I do not know much about how MS Windows interprets client certificates but I was faced with a statement I have a hard time integrating.
The context: organization EXAMPLE has an Active Directory and an associated PKI. It signs sub-CAs to de… Continue reading Can a public certificate provider impersonate an AD?
Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve leaned on certificates with maximum validity term stretching for months and, … Continue reading Why shorter SSL/TLS certificate lifespans matter
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation.
The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek.
Continue reading New Issuance Requirements Improve HTTPS Certificate Validation
According to the RabbitMQ documentation, any certificate issued by a CA that is in RabbitMQ’s certification bundle will be trusted. Therefore, how can this type of authentication be secure if a CA — e.g., certbot — issues many certificates… Continue reading How is RabbitMQ’s certificate authentication secure if it uses PKI?
It appears that HTTP/2 requires TLS. Which is fine, but why are certificates mandatory?
From what I know you can have TLS without certificates. Certificates just add an extra layer of security. How can we test HTTP 2 on localhost if certif… Continue reading HTTP 2 not possible without certificate? [closed]
I would like to install some fonts from my Mac onto my iPad. I’ve created a configuration profile with Configurator 2 to achieve this.
I am not currently enrolled in the Developer program so I cannot sign the profile.
Given that:
I create… Continue reading Unsigned iOS configuration profile risks
I have a client-server on prem application.
If I want to provide code signing, what are the files that should be signed (exe or jar or cmd or …) ?
Also should both files on server and on client be signed ?
Is there a standard to follow t… Continue reading How to apply code signing
This webpage by Apple appears to list the certificates that their products automatically treat as untrusted by default. Are there similar resources for other platforms and/or browsers?
On this site, Understanding Microsoft list of disallow… Continue reading Lists of blocked certificates on various platforms
I noticed that on Windows systems many expired certificates are listed in the certificate store certmgr. Should they be deleted when expired and if so why or why not?
If they should be deleted why isn’t this done automatically by Windows? … Continue reading Should expired (root) certificates be deleted from the certificate store?