public-key-infrastructure – Page 4

What’s the difference between DER and PKCS#12 formats? [closed]

Posted on October 9, 2023 by daego

Both are binary files and both can store digital certificates and private keys.

Continue reading What’s the difference between DER and PKCS#12 formats? [closed]→

Is a Certificate Signing Request a concatenation of public key and metadata?

Posted on September 9, 2023 by JLC

From this question, it is said that when creating a CSR, we attach the public key and fill in other data.

When creating a CSR, you attach your public key to it and fill in other needed data; you then send it to a Certificate Authority (CA… Continue reading Is a Certificate Signing Request a concatenation of public key and metadata?→

Write message that can be verified by any member of a group

Posted on September 6, 2023 by gilbertbw

I am trying to develop a scheme for publishing a message to a group of recipients. Any recipient needs to be able to verify who the message was sent by.
There may be tens of messages generated each second, and the senders may be low power,… Continue reading Write message that can be verified by any member of a group→

Unable to verify certificate chain

Posted on August 27, 2023 by GlinesMome

I’m trying to set-up a certificate chain (CA root -> Intermediate CA -> Server certificate)
Here’s my attempt:
Creating CA Root:
##!/usr/bin/env bash
set -xeuo pipefail

CA_DIR=server/generated/ca-root
REQ_DIR=server/requests

mkdir… Continue reading Unable to verify certificate chain→

Can we move a PKI-as-a-service to own managed PKI server? [closed]

Posted on August 21, 2023 by ratib90486

I’m a noob in PKI stuff. But if we were to subscribe to a PKI cloud service, could we move our root CA and other PKI stuff to our own PKI infrastructure once I’m ready to manage it ourselves?

Continue reading Can we move a PKI-as-a-service to own managed PKI server? [closed]→

Can you sign a TLS root certificate that already exists? [duplicate]

Posted on August 20, 2023 by Danya02

Alice and Bob have TLS certificate authorities. My device trusts Alice’s CA, and connects to servers that present a certificate rooted at Alice’s CA. It does not explicitly trust Bob’s CA, or the servers that use his certificates.
Alice tr… Continue reading Can you sign a TLS root certificate that already exists? [duplicate]→

Require certificate to use home WiFi [migrated]

Posted on August 15, 2023 by derek johnston

I own an apartment complex and want to implement a system where users can only use the building wifi unless they have a certificate.
Like a PKI where I have a self signed cert that users install to access the wifi
Currently I have the user… Continue reading Require certificate to use home WiFi [migrated]→

Any client still supporting the S/MIME Capabilities Extension in 2023?

Posted on July 22, 2023 by Jaime Hablutzel

RFC 4262, "X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities", defines the S/MIME Capabilities Extension which allows to communicate through the X.509 certificate the encryption al… Continue reading Any client still supporting the S/MIME Capabilities Extension in 2023?→

How to Protect and Secure Your Data in 10 Ways

Posted on July 18, 2023 by Ali Azhar

Use this comprehensive list of strategies to help you safeguard your company’s data from threats and data breaches. Continue reading How to Protect and Secure Your Data in 10 Ways→

How do TLS clients validate intermediate CA certificates?

Posted on July 6, 2023 by Michael

I have read many posts related to the intermediate CA certificates and I do hope my question is not a duplication.
Where do TLS clients fetch intermediate CA certificates from?
In SSL server handshake, does server also send CA certificate
… Continue reading How do TLS clients validate intermediate CA certificates?→