Collaborate Disseminate
For example, consider https://www.cloudflare.com/ssl/ where I can get a free SSL cert. If I create a cloudflare account and get an cert but delete my cloudflare account, is the cert auto-revoked? What happens to this cert now that my cloud… Continue reading Are certificates persistent outside of where it’s created?
I understand I need to upload my digital certificate that I obtained from CA and also my private key. But what happens in the server after I uploaded? Does the server actually read my certificate and sign a message taken from the cert and … Continue reading What happens behind the scene when I install an SSL certificate for a website?
Lets say Bob wishes to communicate with Alice.
Alice’s public key is useless to Bob unless he can prove that the public key came from Alice. To do this, Bob and Alice can establish a secure channel to exchange Alice’s the public key, but t… Continue reading Does public key cryptography provide any security advantages, or even just a different security model, over symmetric cryptography?
I created a root CA and intermediate CA, and then created a server CA certificate signed by the intermediate CA. The purpose of whole that is for a TLS one way encryption between a java thin client and a server.
Please find the commands be… Continue reading how to create truststore and keystore
If an attacker wants to create a phishing website with a fake TLS certificate, to my noob mind, there is a way to do this:
Create the fake website certificate
Create the hash for this certificate
Take a valid root PKI certificate with the… Continue reading Brute force copy of PKI root certificates
Referring to this post. We learned about ssh today, and I know that you have to add your public key to the "authorized_keys" manually on the server, but the very first time you log into the server, it will add itself to your (cli… Continue reading Why is known_hosts automatically updated but authorized_keys is not?
I am working on seeing if Active Directory Certificate Services can be used to manage the trust infrastructure for a data center environment. I have a series of different services that are run on web hosts using various different service … Continue reading Can you use AD CS to generate certificates for service users with the computer name in the certificate details?
I am looking to implement 2FA. I know of duo and eg. Eset secure authentication. But both solutions seem to be implemented in a strange way, that is they require some form of communication with either Duo or Eset servers. For Eset, I know … Continue reading 2FA implementation security
I would like to understand how certificate-based signature works, I understand the standard asymmetric key signature where one party signs using their private key, and anyone else can validate this is authentic by checking against the publ… Continue reading How does a CA-backed signature works?
I am developing an embedded device using a bootloader. This means that the device will store in its flash an encryption key for decrypting update packages and an ECC public key for verifying update signatures. For this, the process needs t… Continue reading Strategy for storing private keys used in an embedded device