The PKI Blog

Register TLS certificate with Remote Desktop Service using PowerShell

By Vadims Podāns | Jul 6, 2021
Vadims Podans PKI Developer

Hello everyone! This is a quick blog post that provides information on how to register TLS certificate with Remote Desktop Services (RDS). Starting with Windows Server 2008 R2 it became extremely easy to deploy RDS certificates to AD hosts from private CA using group policies and Microsoft CA. Since then RDS over TLS should be…

Read More

Handling X509KeyStorageFlags in applications

By Vadims Podāns | Jun 21, 2021
Vadims Podans PKI Developer

Hello everyone! While participating on, I’m observing common in-app certificate handling misuses in .NET applications and I want to share some thoughts on this. Today I would like to speak about handling X509Certificate2 object creation inside the application code, common problems in handling private key material, potential issues and how to overcome them. Problem…

Read More

PKI Solutions – A Personal Journey and Trusted Business Solution

By Carolyn Ballo | May 10, 2021

Last summer while on lockdown along with the rest of the world, I was presented with an opportunity to work for PKI Solutions, a global leader in PKI consulting and professional services based in Portland, OR.  At the time, I was managing my sales and marketing business and considered taking on more work. There was…

Read More

Just Released – Licensing Options for Our PKI Tools

By ThePKIGuy | May 7, 2021
Mark Cooper President & Founder PKI Solutions

I am pleased to announce that based on overwhelming demand, starting today we are now providing licensed and supported versions of our most popular PKI tools – PowerShell PKI Module, ASN.1 Editor, and the SSL Certificate Verifier. Available in single user or enterprise licenses and includes 12-months of support for the tool. The licensing model…

Read More

PowerShell File Checksum Integrity Verifier (PsFCIV)

By Vadims Podāns | Mar 29, 2021
Vadims Podans PKI Developer

Today I’m glad to announce a PowerShell File Checksum Integrity Verifier (hereinafter PsFCIV) availability as a standalone package. Years ago a friend of mine asked to develop a PowerShell script that would replace a now-discontinued Microsoft File Checksum Integrity Verifier (FCIV) tool that is an essential utility to check integrity of large file shares. While…

Read More

Request extension processing in Active Directory Certification Authority

By Vadims Podāns | Feb 2, 2021
Vadims Podans PKI Developer

Hello S-1-1-0, Crypt32 is on air! Today I want to explain how ADCS Certification Authority processes extensions from incoming requests and certificate templates. Every X.509 V3 certificate contains certificate extensions to include extra information about certificate owner, issuer, intended usages, limitations/constraints. CA utilize multiple sources to generate extension list to be included in signed certificate,…

Read More

Name Constraints Extension

By Naheed Jivani | Jan 19, 2021
Naheed Jivani PKI Solutions Consultant

The Name Constraints extension indicates to the relying party what namespaces are acceptable for the various hierarchical name forms such as DN, DNS names, URL, IP address, RFC 822 names, UPN, etc.  The extension is only valid for a CA certificate.  There are two components for this as defined in as: Permitted Subtree(s):  This…

Read More

Changes to the Online Assessment Portal Program

By ThePKIGuy | Jan 13, 2021
Guy on Laptop PKI Assessment Portal

Since the launch of our Online Assessment Program in 2020, we have seen incredible interest in the ability to perform a thorough review and assessment of an organization’s PKI without the expense and effort of working with a consultant onsite. The self-paced, on-demand approach was an industry first for reviewing and assessing the configuration, health,…

Read More

RPKI – The most important Internet security component you never heard of.

By Peter DiToro | Dec 9, 2020
Peter DiToro Strategic Advisor For PKI Solutions

What do AWS, Radware, Nintendo, Google, and Facebook all have in common (other than being some of the smartest actors in internet commerce)? Over the past 18 months, they have all been impacted by outages traceable to the Border Gateway Protocol (BGP). The BGP was designed in 1994, literally on a napkin, to route data…

Read More

1 Comment

  1. […] Solutions for their excellent posts on PKI in Active Directory, as well as their PSPKI PowerShell module, which our auditing toolkit is based […]