Category: PKI

Backups Database Hardware Security Modules Hotfixes Maintenance Offline CA PKI

Backing up ADCS Certificate Authorities (Part 2 of 2)

In my last blog post (Backing up ADCS Certificate Authorities Part 1) I covered the inner workings of how ADCS and the Jet database works to maintain the CA data. In this post I am going to go over a comprehensive PowerShell script that I

Read More
  • January 11, 2018

Backups Database Hardware Security Modules Hotfixes Maintenance Offline CA PKI

Backing up ADCS Certificate Authorities (Part 1 of 2)

One of the areas I have spoken about extensively at conferences and cover in my training classes is the unique issues associated with backing up and managing your ADCS Certificate Authority. There are several items I would like to address in this two-part series:

CA

Read More
  • December 14, 2017

PKI

2018 Training Class Schedule

It’s here, the 2018 PKI Training schedule is now live and accepting registrations. There are three In-Depth classes and three Advanced PKI classes split between the US and Europe. Be sure to check out the schedule and register early as classes usually sell-out in advance.
Read More

  • October 25, 2017

Certificate Templates Documentation Hall of Shame PKI

Help a SME Out – Don’t Guess at Template Settings

One of the areas we spend time on in the PKI In-Depth class is learning about Certificate Templates. There are a lot of tabs in the template manager and a lot of specific settings on those tabs. I can certainly understand the desire to click

Read More
  • May 2, 2017

Certificate Validation Certutil Documentation Hall of Shame Internet Explorer Offline CA PKI Revocation Watch Out

Ignore Revocation Checking – The bane of my existence!

As students in my PKI training classes know, one of the areas I am a vocal about is the blind use of the CRLF_REVCHECK_IGNORE_OFFLINE setting in a PKI environment. I am so adamantly against the use of this setting, I personally refuse to ever explicitly

Read More
  • April 20, 2017

Certificate Validation Internet Explorer PKI Revocation RFCs Watch Out

What Your Browser Doesn’t Tell You Can Hurt You – Revocation and Internet Explorer

One of the topics I have been using as an example of revocation checking behavior in my PKI In-Depth class is the interesting case of Internet Explorer (IE) and its revocation behavior. Let’s take a moment and have you think about your assumption of how

Read More
  • February 11, 2017

Certificate Templates Certificate Validation Hash Algorithms Known Issues PKI

RSASSA-PSS – Why Your Certificate Can’t Be Validated

A common theme has been arriving in my email box lately as well as many online forums. Consistently people are reporting error with certificates issued by their internal Microsoft ADCS based CAs. Problems range from Apple devices, Firefox, appliances and many other systems. When people

Read More
  • February 1, 2017

  © Copyright 2013-2018 PKI Solutions Inc. // All Rights Reserved // Terms of Service // Privacy Policy // Pricing and Refund Policies