Handling X509KeyStorageFlags in applications

By Vadims Podāns | June 21, 2021 |
Vadims Podans PKI Developer

Hello everyone! While participating on StackOverflow.com, I’m observing common in-app certificate handling misuses in .NET applications and I want to share some thoughts on this. Today I would like to speak about handling X509Certificate2 object creation inside the application code, common problems in handling private key material, potential issues and how to overcome them. Problem…

Read More

ADCS certificate serial number generation algorithms – a comprehensive guide

By Vadims Podāns | November 4, 2020 |
Vadims Podans PKI Developer

Hello S-1-1-0, @Crypt32 is again on a failboatboard with new blog post. Today I will share information about a little-known portion in configuration of Microsoft ADCS Certification Authority – serial number generation algorithm. This article assumes big-endian encoding Certificate serial number requirements Every X.509 conforming CA generates a unique serial number for each issued certificate,…

Read More

Announcing the Online PKI Assessmental Portal

By ThePKIGuy | June 24, 2020 |
Guy on Laptop PKI Assessment Portal

I am extremely proud to announce that today we have launched our Online PKI Assessment Portal. This new service is the first of its kind to offer online, automated, self-paced review and assessments of Microsoft ADCS based PKIs. We have been performing onsite PKI Assessments for customers for years now. Typically focused on the design,…

Read More