The PKI Blog

ASN.1 Editor v1.4 (Christmas Edition)

By Vadims Podāns | Dec 17, 2019

Hello world!I’m glad to announce a new version of ASN.1 Editor. I called this version as Christmas Edition, because it’s the end of the year. This version includes not only bug fixes, but some features.Changes in UI lookWhen I shared screenshot of ASN tree view, not all people figured what numbers next to node icon…

Read More

Managing Risk from TLS Inspection

By ThePKIGuy | Nov 27, 2019

Recently, the National Security Agency (NSA) published a guide to Managing Risk from Transport Layer Security Inspection. The guide is designed to highlight the unique risks introduced into environments by the use of TLS inspection appliances. It also covers a few recommendations on how to secure these devices. There are some additional areas we recommend…

Read More

A comprehensive RFP/RFI guide to procuring PKI and digital certificate solutions

By ThePKIGuy | Nov 25, 2019

We recently announced that we are working with Remme to expand our portfolio of PKI offerings and services for enterprises – designed to meet the evolving demands of public key encryption and certificate management. Together we have created a comprehensive template for organizations to use when starting a Request for Proposal (RFP) to find a…

Read More

How to Future-Proof IoT Security

By ThePKIGuy | Nov 5, 2019

“[A] connected device has the ability to cause more disruption, which could cause actual physical injury or even death,” warns Merritt Maxim, an analyst with Forester. We are surrounded by Internet of Things (IoT) in our everyday work and lives: temperature sensors, implantable insulin pumps, industrial water pumps, navigation systems, security cameras, commercial airliners. The…

Read More

Deleting certificates from Windows Certificate Store programmatically (PowerShell and C#)

By Vadims Podāns | Oct 2, 2019

Yesterday I went through one thread on Reddit: New to PS and want to create a script to clear all personal certificates from a local machine and something was suspicious to me. Then I went further and asked google for similar question and examined first page: Delete certificate from Computer Store Removing a certificate from…

Read More

PowerShell PKI Module v3.4.2 and upcoming plans

By Vadims Podāns | Aug 26, 2019

I’m glad to announce that a new version of PowerShell PKI (PSPKI) module is released. It is available for installation from PowerShell Gallery: PSPKI was in stable development for last year and most changes are bug fixes and usability improvements. Release notes for v3.4.2: However, it doesn’t mean that the module is done…

Read More

Basic Constraints certificate extension

By Vadims Podāns | Aug 12, 2019

Hello everyone! Today I’m going to talk about X.509 Basic Constraints certificate extension. Basic Constraints is an X.509 Version 3 certificate extension and is used to identify the type of the certificate holder/subject. In the past (prior to version 3 X.509 certificates) it was impossible to identify who is the subject: CA certificate or end…

Read More

SHAKEN/STIR is Getting Real

By ThePKIGuy | Aug 5, 2019

The Federal Communications Commission (FCC) estimates robocalls will constitute more than half of all phone calls placed in the U.S. this year. In an effort to end to this, the FCC and major telecommunications companies including Comcast, AT&T, and T-Mobile have lined up behind a new standard called SHAKEN/STIR (Signature-based Handling of Asserted Information using…

Read More

Database log files are not truncated when you perform a full Certification Authority database backup

By Vadims Podāns | Aug 2, 2019

As part of joining PKI Solutions, several blog posts from my old site are re-posted here for visibility and thoroughness. April 1, 2020 – The issue described here is applicable to Windows Server 2016 and older. Windows Server 2019 has changed the behavior of log truncation – when a backup is performed, all unused logs…

Read More