The PKI Guy Blog

Understanding Microsoft Cryptographic Service Providers

By Mark B. Cooper aka "The PKI Guy" | Feb 28, 2018

A common question I often get from customers and students is about Microsoft’s Cryptographic Service Providers (CSP). The CSPs are responsible for creating, storing and accessing cryptographic keys – the underpinnings of any certificate and PKI. These keys can be symmetric or asymmetric, RSA, Elliptical Key or a host of others such as DES, 3DES, and…

Read More

PKI Solutions logo contest!

By Mark B. Cooper aka "The PKI Guy" | Feb 23, 2018

We’re pleased to announce that we’re unveiling our new company logo on our website today. The PKIGuy and the rest of the team here are excited to welcome you to our first-ever PKI Solutions logo contest! Since cryptography is the art of writing and solving codes, we decided to have some fun with the roll-out…

Read More

Backing up ADCS Certificate Authorities (Part 2 of 2)

By Mark B. Cooper aka "The PKI Guy" | Jan 11, 2018

In my last blog post (Backing up ADCS Certificate Authorities Part 1) I covered the inner workings of how ADCS and the Jet database works to maintain the CA data. In this post I am going to go over a comprehensive PowerShell script that I wrote to perform a full backup of all necessary ADCS…

Read More

Backing up ADCS Certificate Authorities (Part 1 of 2)

By Mark B. Cooper aka "The PKI Guy" | Dec 14, 2017

One of the areas I have spoken about extensively at conferences and cover in my training classes is the unique issues associated with backing up and managing your ADCS Certificate Authority. There are several items I would like to address in this two-part series: CA Database and log file structure Unique issues with VM Snapshots with…

Read More

2018 Training Class Schedule

By Mark B. Cooper aka "The PKI Guy" | Oct 25, 2017

It’s here, the 2018 PKI Training schedule is now live and accepting registrations. There are three In-Depth classes and three Advanced PKI classes split between the US and Europe. Be sure to check out the schedule and register early as classes usually sell-out in advance. PKI In-Depth Class Portland, Oregon: March 26-30, 2018 Washington DC:…

Read More

Book Recommendation – Hacking the Hacker (Roger Grimes)

By Mark B. Cooper aka "The PKI Guy" | Jun 5, 2017

Book Recommendation A good friend of mine I met while at Microsoft just had one of his books released. Roger is a Security Columnist for InfoWorld and is a pretty dang sharp guy. His new book, Hacking the Hacker has some good information in many different areas confronting modern cybersecurity specialists. Of particular interest to…

Read More

PKI Solutions Announces Training Scholarships for PDX Cyber Camp 2017

By Mark B. Cooper aka "The PKI Guy" | May 3, 2017

I am pleased to announce that in partnership with the PDX Cyber Camp, PKI Solutions has created a scholarship for 3 young students attending the PDX Cyber Camp to attend one of my PKI In-Depth training classes this year. This will be a great way to offer these students an exposure to PKI and all of…

Read More

Help a SME Out – Don’t Guess at Template Settings

By Mark B. Cooper aka "The PKI Guy" | May 2, 2017

One of the areas we spend time on in the PKI In-Depth class is learning about Certificate Templates. There are a lot of tabs in the template manager and a lot of specific settings on those tabs. I can certainly understand the desire to click those pretty checkboxes, toggle radio buttons and get lost in…

Read More

Ignore Revocation Checking – The bane of my existence!

By Mark B. Cooper aka "The PKI Guy" | Apr 20, 2017

As students in my PKI training classes know, one of the areas I am a vocal about is the blind use of the CRLF_REVCHECK_IGNORE_OFFLINE setting in a PKI environment. I am so adamantly against the use of this setting, I personally refuse to ever explicitly share or type the syntax to enable this nasty beast.…

Read More