Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [certificate]

Certificates are a Public Key and Identifying Information

Within public key cryptography (such as that used in SSL and TLS), you have both a private key (that you keep secret), and a public key (that you share widely).

In order to avoid MITM (Man In The Middle) attacks, rather than publishing just the raw public key, you normally share a Certificate. The Certificate contains your public key, along with information identifying you (such as the hostname of your website, and your organisation). The identifying information is authenticated by a Certificate Authority (CA), and can be used to ensure you're talking to the right person.

Certificates are normally issued by a Public Certificate Authority, but they can be self signed (the certificate is its own CA), or issued by a private CA.

1327 questions
0
votes
1 answer

Replace IIS certificate in IIS version 6.1

I wanted to change a certificate, the certificate is in an IIS v6.1. I went to IIS management console and issued a new Certificate Request, the certification autority then elaborated my request and sent me back 4 files crt. lets say that the…
Malkavian
  • 125
  • 2
  • 12
0
votes
0 answers

ADCS Change AIA information from existing certificate

We have built a tier 2 PKI. Recently we decided to start hosting our CDP & AIA on a seperate webserver. However this was not originally in the design, so now we have problems with the certificate chain as the webserver is included on the Root…
kevin rennenberg
  • 73
  • 1
  • 13
0
votes
1 answer

Requirements for certificates to sign PDFs in Adobe Reader?

I'm trying to set up PDF digital signatures using certificates generated by openssl. I have generated a CA certificate, and used that to sign end user certificates, which I archive in PKCS#12 format. I have imported and trusted the CA certificate in…
Andrew Roos
  • 1
  • 1
0
votes
1 answer

Cert Hostname DOES NOT VERIFY

I've created a mail server with https://github.com/tomav/docker-mailserver. Everything works, except the certificate. I have tested the TLS on CheckTLS.com and I've got the following output messages: As you can see on the image, it says, that Cert…
zero_coding
  • 111
  • 1
  • 4
0
votes
1 answer

IKev2 VPN Event ID 20209 - Server Authentication

I have made only one certificate for VPN access with ikev2. Within 2 days i got event id 20209, even though I didn't tried to connect. The certificate is still with me and no one else has access to it. But event viewer states that A connection…
Bhavya Gupta
  • 111
  • 3
0
votes
1 answer

Multi Domain Infopath Code Signing with In House CA

We have forms developed in infopath that work with Sharepoint 2007. In order to deploy these forms to local clients you need to sign them with a certificate. We have an in house CA that is inside a domain that is part of a multi domain forest.…
maxtopus
  • 100
  • 2
  • 9
0
votes
0 answers

Trusting a Self Signed Certificate on RHEL7

I'm running into an issue where I'm trying to import a self-signed certificate of one of our servers to one of our development boxes. I've tried adding the .cer file from the server to /etc/pki/ca-trust/source (and have tried /anchor as well) then…
KMoberg
  • 1
  • 1
0
votes
0 answers

Unable to renew Certificate on Windows 10 in domain

I'm trying to renew my computer certificates on a in domain laptop but I get "RPC Server is unavailable", error code 1722. On other laptops the same procedure works. What can I do? I've opened mmc and then "Personal-All Tasks->Request new…
Manuel Castro
  • 101
  • 1
-1
votes
1 answer

Renew the chain certificate from p12 file

I have the ROOT, chain certificates, p12 key and key password. I don’t have the CA root key details. My requirement is, I need to do renew the chain certificate by using these. Without change the signature value Please help me on…
Sreenivasulu
  • 1
-1
votes
1 answer

Self signed ssl I created for localhost cannot be trusted even though I have already imported it to chrome

I generated a certificate using ssl by running the script from the following link: https://gist.github.com/bjanderson/075fadfccdd12623ab935e57eff58eb4 The script ran just fine and I received all the expected files. I've imported the ca.crt to my…
alexW
  • 81
  • 1
  • 2
  • 4
-1
votes
1 answer

NGINX two domains SSL presents wrong cert

I have two domains, both of which are wildcards. Both use https only eg. *.example.something.com *.example.com The issue is that nginx seems to always present the default certificate (example.something.com), which is not valid, when I go to…
keniah
  • 1
  • 1
-1
votes
2 answers

block Certificate authority server

is this possible to block a specific TLS CA(certificate authority) on network ? for example block all certs that is issued by letsencrypt on my network is there any ip or host name for blocking ?
neb
  • 111
  • 1
-1
votes
1 answer

What's a quick/secure way to set up a valid https certificate for a NAS without domain control?

I'm operating several NAS devices on my employer's LAN. I do so with the employer's blessing, but I do not have control over the domain, and the devices are only available to a small working group on the LAN, and not accessible from outside the WAN…
Zak
  • 99
  • 1
-1
votes
1 answer

Netflix using self signed certificates?

I recently ran into problems running an apple tv with netflix at my work. After some digging around our sonicwall firewall with one of their support techs we found the service being blocked by the certificate netflix was passing. Apparently the…
xtextedx
  • 1
  • 1
-1
votes
1 answer

Why does windows 10 still keeps expired certificates?

Looking at Windows 10 certificate store, I noticed some expired certificates: Win certificate store I wonder: Why does W10 still keeps expired certificates? I thought the were automatically removed after an "expiry grace time". Can all the expired…
Katsuro Kurosaki
  • 1
  • 1
1 2 3
88 89