It was recently announced that Google Chrome will be joining Apple Safari in implementing a change to publicly trusted SSL/TLS certificates. This change, however, will impact organizations operating their own internal PKI as well. While the change was initially submitted to the official CA/Browser Forum, the vote failed last year. However, both Apple and Google…
Read More
Now is the time to keep your PKI healthy – now more than ever. The key to operating and maintaining your PKI is understanding how it all works. We all know that PKIs are the foundational backbone of enterprise IT security, IoT, and industry specific security standards. Ensuring the security and integrity of your PKI…
Read More
Do you know where your organization’s secrets are kept? The modern IT landscape is filled with secrets: certificates, cryptocurrency wallets, SQL connection strings, storage account keys, passwords, and encryption keys. Getting a handle on secrets management can be a top challenge. Knowing where secrets are kept in the company is critical – and sometimes easier…
Read More
Quantum supremacy is looming…some year in the future. However, contrary to what you may have heard, the advent of quantum computing won’t spell the end to encryption as we know it. That is, if enterprises take the necessary steps to prepare for a post-quantum future. Enterprises must begin the process of assessing their current systems,…
Read More
If you joined our PKI Solutions Office Hours – our live Q&A – held on April 2, 2020 with Mark Cooper, Vadims Podāns, and Jacob Grandlienard, you were part of a lively PKI discussion. With questions around setting up permissions in ADCS, the pros and cons of where CDPs are located, and configuring NDES, this…
Read More
In our past blogs on the subject of Windows Server ADCS backups, we have touched on the issue of jet database logs not being truncated and deleted in some scenarios. https://www.pkisolutions.com/adcsbackups/ https://www.pkisolutions.com/database-log-files-are-not-truncated-when-you-perform-a-full-certification-authority-database-backup/ Specifically, if backups are performed via snapshot or non-VSS based backups and secondly, if any logs are still held open by the jet…
Read More
Join us for our PKI Solutions webinar series, kicking off March 26, 2020. This will be a year of talking quantum preparedness, validating SSL certificates, multi-cloud key management, ways to improve the security of your PKI, and more. Mark Cooper, aka The PKI Guy, will present and host the webinars. Learn PKI best practices and…
Read More
In a previous blog on Object Identifiers (OID) in PKI, I mentioned creating a certificate template for Remote Desktop Connection (RDP). In this blog, I will show how to create the template, why the OID and extensions are important, and how to implement it and remove self-signed certificate warnings from RDP connections. Prior to Windows…
Read More
This blog post is about programming and its purpose is to have a link to direct developers for explanation. Inspired from this list: Casting private key to RSACryptoServiceProvider not working Best way to initiate RSACryptoServiceProvider from x509Certificate2? Unable to cast object of type ‘RSACng’ to type ‘System.Security.Cryptography.RSACryptoServiceProvider’ RSACryptoServiceProvider not working in .net core Getting RSA…
Read More
[…] Solutions for their excellent posts on PKI in Active Directory, as well as their PSPKI PowerShell module, which our auditing toolkit is based […]