Tag Archives: Certificates

What is the difference between the formats "DER encoded" and "Base64 encoded" when exporting a certificate?

I am often asked what the difference between the following certificate export options are: The first option exports the certifcate encoded in the format Distinguished Encoding Rules, which is a binary format. The second option exports the certificate encoded with … Continue reading

Posted in Certificates, PKI | Tagged , , , , , , , | 2 Comments

Delete certificates on smart cards

If you want to delete existing certificates on a smart card, follow these steps: Start PowerShell (or cmd, since we do not actually use PS-commands) Insert the smart card in a reader Run the command certutil -scinfo Enter PIN if … Continue reading

Posted in PKI, smart card | Tagged , | Leave a comment

Which Root CAs do you really trust?

When I ask people which Root CAs they trust, they usually show me the list in Trusted Root Certification Authorities. Like this one, from a freshly installed Windows Server 2012: But that is actually not the entire truth. If I … Continue reading

Posted in PKI | Tagged , , , , , , | 2 Comments