Questions tagged [certificate]

Certificates are a Public Key and Identifying Information

Within public key cryptography (such as that used in SSL and TLS), you have both a private key (that you keep secret), and a public key (that you share widely).

In order to avoid MITM (Man In The Middle) attacks, rather than publishing just the raw public key, you normally share a Certificate. The Certificate contains your public key, along with information identifying you (such as the hostname of your website, and your organisation). The identifying information is authenticated by a Certificate Authority (CA), and can be used to ensure you're talking to the right person.

Certificates are normally issued by a public Certificate Authority, but they can be self-signed (the certificate is its own CA), or issued by a private CA.

1327 questions
6 votes, 2 answers

Thunderbird not trusting certificate signed with self-signed authority

I have generated a self-signed certificate authority using mydomain.org as the common name. I imported the public certificate using Thunderbird's certificate manager under the "Authorities" tab. So far so good. Next, using this CA, I have generated…
s3v3n
6 votes, 1 answer

Is it possible to allow only some client certificates in Apache to login?

In my virtual host I have something like that: SSLEngine on SSLCertificateKeyFile /etc/apache2/ssl/svn.XXXXX.me.key SSLCertificateFile /etc/apache2/ssl/svn.XXXXX.me.crt SSLProtocol all SSLCipherSuite HIGH:MEDIUM …
Ency
6 votes, 1 answer

Disabling strong private key encryption on a personal certificate

I am attempting to import a certificate into my current user's personal certificate store, since my server is required to sign certain requests it makes and the suggested instructions were to do this. I was able to do this successfully on a…
Brian
6 votes, 1 answer

Microsoft CA certificate templates expires sooner than expected

The certificates my Microsoft CA is generating do not match the time period indicated in the template used. How can I resolve this? I recently created a new certificate template for use on my Linux boxes on my Microsoft CA (2008 R2 Enterprise).…
Tim Brigham
6 votes, 1 answer

HTTPS and Certification for dummies

I had never used https on a site and now want to try it. I did some research, but not sure that I understood everything. Answers and corrections are greatly appreciated. Here we go: To use https I need to generate ‘private’ and ‘public’ keys for…
6 votes, 2 answers

Prevent copying (exporting) private key from one machine to another?

We are considering using digital certs to verify that the machine connecting to our VPN service is in fact a company-owned machine. So one of my co-workers here mentioned that for a knowledgeable user (and our users are for the most part CompSci…
Will Dennis
6 votes, 3 answers

Can Windows log CryptoAPI CRL timeouts?

I suspect that the process of building the CRL cache may cause latency in some applications. We have several .NET applications that occasionally "act slow" with no CPU or disk access. I suspect that they are hung up on authentication when trying to…
makerofthings7
6 votes, 2 answers

Clearing Java certificates cache (force reload certificates)

A simple question here. One application gave me this exception when trying to access a website with an expired certificate: java.security.cert.CertificateExpiredException So, I renewed the certificate from the website machine and restarted it. When…
Alberto Fernández
6 votes, 1 answer

Automatically create Subject Alternate Name (SAN) Certificates

We are running an enterprise CA on Windows 2008R2. I just did an update to Windows 7 on my workstation. Now every time I connect to a remote server using RDP I get a warning stating that the servername is wrong. This is because I use just the…
6 votes, 2 answers

Opening certmgr.msc to display the Machine level certificates

I want to view the certificates installed at the machine level, if I open certmgr.msc. I am aware that we can open an mmc and add a snap-in for certmgr. But I don't want to go that way. I am aware that we can use the certmgr.exe with the -s and -r…
gmaran23
6 votes, 4 answers

How to create a self-signed SSL certificate with subject alternate names (SAN) for IIS websites

Does anyone know how to create a self-signed SSL certificate for use with IIS (7) that has subject alternative names (SANs)? I need the certificate to be able to validate the hostname AND the IP address like this: CN=MyServerName IP SAN:…
Andy Arismendi
6 votes, 2 answers

Syntax of certutil.exe?

On Windows, you can use certutil.exe to manage certificates. But it really has lots of options, and the command help (as much as Google) doesn't help clearly understanding it. What is the exact meaning of these commands, all of which should be able…
Massimo
6 votes, 2 answers

Ubuntu MySQL GUI logins with certificate/key

I will connect to MySQL on Ubuntu cloud server every day with MySQL Administrator and MySQL Query Browser GUI tools and I feel very slow in responding. I know it is possible to connect with ssh entering the below command in the terminal and then…
user53864
6 votes, 2 answers

How do you install a certificate in a PFX file into the personal container of the NT-AUTHORITY\NetworkService?

I have a .PFX file used to strongly name several of our .NET assemblies. VS2010/MSBUILD seems to expect this to be in the personal container for the user account running VS2010/MSBUILD. This is all just fine and dandy when working in an interactive…
Pete Stensønes
6 votes, 2 answers

WebSVN accept untrusted HTTPS certificate

I am using websvn with a remote repository. This repository uses https protocol. After having configured websvn I get on the websvn webpage: svn --non-interactive --config-dir /tmp list --xml --username '***' --password '***'…
Laurent