All About SSL and PKI

A one-liner to display all contents of a SSL public key file ... [Read More]

Use ssh-keygen to convert an OPENSSH key to RSA format ... [Read More]

Learn how to use private certificate files to automatically authenticate to SSH servers. No password needed! ... [Read More]

A guide on how to fix SSH cert authentication when it doesn't work ... [Read More]

In this guide we take a look on how to create a PFX file, if you need just the opposite: extracting the private, public keys from a PFX file, follow the tutorial here ... [Read More]

A pfx file is technically a container that contains the private key, public key of an SSL certificate, packed together with the signer CA's certificate all in one in a password protected single file. Here are the steps to extract ... [Read More]

Does expired mean it is not working anymore? When an SSL certificate is signed, it gets an expiry date. It doesn't matter if it is "self-signed" - meaning that a not trusted server signed it (for instance the webserver itself) ... [Read More]

In this short guide we have create a free Let's Encrypt wildcard certificate. Before you Begin We'll need a fresh installation of Ubuntu or Debian linux. The box doesn't need to b e publicly accessible as we will use DNS ... [Read More]

This guide is for on-premises Exchange deployments. If you are interested in enforced TLS on Office365 tenants, please click HERE Opportunistic Exchange - like most modern email systems - has the facility to transfer email messages encrypted. It is to ... [Read More]

We established in part1 why the key exchange takes place, if you missed that part click HERE to check it out. Basically the client and the server agree on a key that they can use to encrypt the rest of ... [Read More]

I’ve recently encountered a situation where a smaller company needed a VPN server, using SSTP, so they tried to set up an SSL certificate for their service to encrypt their client VPN tunnels with. It was a Windows server, and ... [Read More]

What is PKI and why do we need it? PKI stands for Public Key Infrastructure, that utilizes public and private key asymmetric encryption to create an encrypted channel between two parties through a public medium. Let’s see what we mean ... [Read More]

If you desperately need an SSL certificate signed by a publicly trusted CA, and you want it for free, Let’s Encrypt is certainly an option. They are valid for 3 months, and even though linux boxes are equipped to request ... [Read More]