The PKI Blog

Changes to SSL/TLS Certificate Validity Periods – September 2020

By ThePKIGuy | Jun 17, 2020
Validity Period Changes to SSL/TLS Certificate PKI

It was recently announced that Google Chrome will be joining Apple Safari in implementing a change to publicly trusted SSL/TLS certificates. This change, however, will impact organizations operating their own internal PKI as well. While the change was initially submitted to the official CA/Browser Forum, the vote failed last year. However, both Apple and Google…

Read More

Our Advanced PKI Training Course Is Now Online

By ThePKIGuy | May 7, 2020
ADCS Advance Training Course PKI Solutions

Now is the time to keep your PKI healthy – now more than ever. The key to operating and maintaining your PKI is understanding how it all works. We all know that PKIs are the foundational backbone of enterprise IT security, IoT, and industry specific security standards. Ensuring the security and integrity of your PKI…

Read More

Are You Managing Your Secrets?

By ThePKIGuy | Apr 23, 2020
Is Your Binary Locked? PKI Solutions

Do you know where your organization’s secrets are kept? The modern IT landscape is filled with secrets: certificates, cryptocurrency wallets, SQL connection strings, storage account keys, passwords, and encryption keys. Getting a handle on secrets management can be a top challenge. Knowing where secrets are kept in the company is critical – and sometimes easier…

Read More

Are You Preparing for Quantum?

By ThePKIGuy | Apr 9, 2020
Technology Prototype PKI

Quantum supremacy is looming…some year in the future. However, contrary to what you may have heard, the advent of quantum computing won’t spell the end to encryption as we know it. That is, if enterprises take the necessary steps to prepare for a post-quantum future. Enterprises must begin the process of assessing their current systems,…

Read More

PKI Solutions Live Q&A

By Kelly Stremel | Apr 3, 2020
PKI Solutions Office Hours

If you joined our PKI Solutions Office Hours – our live Q&A – held on April 2, 2020 with Mark Cooper, Vadims Podāns, and Jacob Grandlienard, you were part of a lively PKI discussion. With questions around setting up permissions in ADCS, the pros and cons of where CDPs are located, and configuring NDES, this…

Read More

ADCS Database Log Truncation Change in Server 2019

By ThePKIGuy | Apr 1, 2020
Certlog PKI

In our past blogs on the subject of Windows Server ADCS backups, we have touched on the issue of jet database logs not being truncated and deleted in some scenarios. Specifically, if backups are performed via snapshot or non-VSS based backups and secondly, if any logs are still held open by the jet…

Read More

PKI Solutions Webinar Series

By Kelly Stremel | Mar 24, 2020
PKI Solutions Webinar Series

Join us for our PKI Solutions webinar series, kicking off March 26, 2020. This will be a year of talking quantum preparedness, validating SSL certificates, multi-cloud key management, ways to improve the security of your PKI, and more. Mark Cooper, aka The PKI Guy, will present and host the webinars. Learn PKI best practices and…

Read More

Creating RDP Certificates

By Jake Grandlienard | Mar 5, 2020
Jake Grandlienard PKI Solutions Consultant

In a previous blog on Object Identifiers (OID) in PKI, I mentioned creating a certificate template for Remote Desktop Connection (RDP).  In this blog, I will show how to create the template, why the OID and extensions are important, and how to implement it and remove self-signed certificate warnings from RDP connections. Prior to Windows…

Read More

Accessing and using certificate private keys in .NET Framework/.NET Core

By Vadims Podāns | Feb 24, 2020
PKI Solutions Logo

This blog post is about programming and its purpose is to have a link to direct developers for explanation. Inspired from this list: Casting private key to RSACryptoServiceProvider not working Best way to initiate RSACryptoServiceProvider from x509Certificate2? Unable to cast object of type ‘RSACng’ to type ‘System.Security.Cryptography.RSACryptoServiceProvider’ RSACryptoServiceProvider not working in .net core Getting RSA…

Read More

1 Comment

  1. […] Solutions for their excellent posts on PKI in Active Directory, as well as their PSPKI PowerShell module, which our auditing toolkit is based […]