Category Archives: Certificates

SSL Certificates and SAN – What domain names are valid?

An SSL certificate has a field called Subject. The Subject field contains the domain name that the certificate is valid for. Subject can only contain one domain name: The field Subject can have more information, like the screenshot below, but … Continue reading

Posted in Certificates, PKI, SAN, SSL | Tagged , , , | Leave a comment

Get a free publicly trusted SSL-certificate

This blog post will guide you through the steps of obtaining a publicly trusted SSL certificate with up to 5 domain names, at no cost. There are no hidden costs, ads or referrals involved. You do need to be able … Continue reading

Posted in Certificates, PKI | Tagged , , , | 4 Comments

Require SSL on NDES admin site via PowerShell

Best Practices from Microsoft when deploying Network Device Enrollment Service (available here) states: “Always set up the administrator site with SSL-only configuration. (Disable http access to this site.)” This is to protect the sensitive One Time Passwords that are transmitted … Continue reading

Posted in CA, Certificates, NDES, PKI, SCEP | Tagged , , , | 6 Comments

Quick access to the Certificate snap-ins

Are you also opening the local certificate snap-ins by first running mmc.exe and then adding the Certificate snap-ins manually? I’ve done that sooo many times that I’ve gotten pretty fast at it. A faster way is to type certmgr.msc for … Continue reading

Posted in Certificates, PKI | Tagged , , , | Leave a comment

What is the difference between the formats "DER encoded" and "Base64 encoded" when exporting a certificate?

I am often asked what the difference between the following certificate export options are: The first option exports the certifcate encoded in the format Distinguished Encoding Rules, which is a binary format. The second option exports the certificate encoded with … Continue reading

Posted in Certificates, PKI | Tagged , , , , , , , | 2 Comments

Internet Explorer and revocation check failure

Internet Explorer normally warns you if the server you visit have any certificate issues. Some examples: The certificate has another Subject than the URL you used to access it: The certificate was issued by a CA that your computer do … Continue reading

Posted in CA, Certificates, CRL, PKI | 1 Comment