Collaborate Disseminate
To test if a virus scanner is working one can use the EICAR test file. This is a well-known file which is not a working virus and can be recognized as such.
Does something similar exist to do tests with (private) ssh keys (e.g. inclusion i… Continue reading test ssh key set [closed]
When we have only the individual Apple developer account and want to develop with a team, I believe we should share the p12 file with other developers. Then what will happen?
The private key differs from the one for distribution, so the cr… Continue reading Risk of sharing p12 files for iOS development
I am trying to sign certificate by CA which generated by CA. But I am facing below error code while singing.
Generate certificate:
# tpm2tss-genkey -a rsa -s 2048 mykey
# openssl req -new -engine tpm2tss -key mykey -keyform engine -out tpm… Continue reading TPM tss2 certificate signing request sign by CA
In the Windows Certificate Store, during a request creation, there are options given for the private key to be ECDH (Key Usage: keyAgreement) and for RSA for encryption only (Key Usage: keyEncipherment):
ECDH,Microsoft Software Key Storag… Continue reading Microsoft Software Key Storage Provider for ECDH (Key Usage: keyAgreement) and for RSA encryption (Key Usage: keyEncipherment)
The windows certificate store, during the creation of a request, gives the following options for the private key:
ECDSA_nistP384,Microsoft Software Key Storage Provider (KSP)
ECDSA_secP384,Microsoft Software Key Storage Provider (KSP)
During the creation of a certificate request through the Windows Certificate Store, at the options for the private key, there are the following options for choosing a KSP:
ECDSA_brainpoolP512,Microsoft Software Key Storage Provider (KSP)
… Continue reading ECDSA_bainpoolP512 vs ECDSA Microsoft Software Key Storage Provider (KSP) / ECDSA_nistP384 vs ECDSA_secP384 vs ECDSA_P384
I know that modern web browsers don’t check CRLs for certificates from CAs in the default trust store anymore.
I also know that there are some exceptions for certificate validation when it comes to corporation / enterprise PKIs. For exampl… Continue reading Do current browsers still validate CRLs in enterprise PKI environments
I would like to know the process of how public keys/certificates are renewed for a website. I understand the concept of CA (Certificate Authority) chains, and how the public key/certificate for a site is signed by a CA (usually an intermed… Continue reading SSL/x509 certificate/public key expiration [duplicate]
Is this how X509 certificates are verified to be valid?
The receiver receives the certificate
Look at the issuer of the cert, and find the public key of that CA (its hardcoded in the application or the OS)
Decrypt the signature using the … Continue reading Over what fields is the X509 hash computed over? [duplicate]
Is this how X509 certificates are verified to be valid?
The receiver receives the certificate
Look at the issuer of the cert, and find the public key of that CA (its hardcoded in the application or the OS)
Decrypt the signature using the … Continue reading Over what fields is the X509 hash computed over? [duplicate]