Certreq
Hidden switches of Certutil.exe and Certreq.exe
Hey Kids, Rock and Roll! Two of the most reliable toolsets in Windows for the last two decades have been the tandem of certutil.exe and certreq.exe. It’s no secret there are a wealth of very useful functions exposed in the basic usage of these tools, also documented publicly here: certutil.exe public documentation certreq.exe public documentation…
Read MoreManaging Risk from TLS Inspection
Recently, the National Security Agency (NSA) published a guide to Managing Risk from Transport Layer Security Inspection. The guide is designed to highlight the unique risks introduced into environments by the use of TLS inspection appliances. It also covers a few recommendations on how to secure these devices. There are some additional areas we recommend…
Read MoreYou cannot submit a certificate request generated by Exchange Management Console (EMC) or Exchange Management Shell (EMS) to CA
As part of joining PKI Solutions, several blog posts from my old site are re-posted here for visibility and thoroughness. You create certificate certificate by using either Exchange Management Console (EMC) or Exchange Management Shell (EMS) and save it to a file. When you attempt to submit certificate request to a Windows-based Certification Authority (CA)…
Read MoreSubmitting Netscape SPKI (SPKAC) Cert Requests to ADCS
Recently I was contacted on Twitter with a question about Microsoft’s support of Signed Public Key and Challenge (Netscape SPKI) for certificate enrollment requests. I have long taught in my classes that there are a number of formats supported by ADCS for certificate requests. So I consulted one of the tables I talk about in…
Read More