Posts by Mike Cooper
How To Create Trusted X.509 Certificates On MacOS
Learn How To Create Trusted X.509 Certificates on MacOS from Microsoft ADCS Creating trusted enterprise certificates on Apple’s MacOS has never been easy, but it can be. In the traditional process you have to create a private key, create a Certificate Signing Request (CSR), submit the CSR to a Certificate Authority (CA) such as Microsoft…
Read MoreHow to Detect Expiring Certificates
How to Detect Expiring Certificates Elephants and Other Hi-Tech Methods All X.509 digital certificates expire. It’s only a question of time. If you follow best practices then your end point certificates expire in two years or less. Once a certificate is expired it is considered invalid and likely will cause some kind of service outage. …
Read MoreCertAccord – How To Create Trusted Certificates From Command Line On Linux
CertAccord – How To Create Trusted Certificates From Command Line On Linux Creating a trusted X.509 certificate on Linux (Red Hat Enterprise Linux (RHEL), Ubuntu Linux, and MacOS) is fast and simple using CertAccord Enterprise. Most any IT system administrator can create certificates without having to be a PKI expert. This article shows you how…
Read MoreBest Practices for Securing Private Keys
Best Practices for Securing Private Keys When you leave home do you lock the front door but leave the key in the lock? That’s the same thing as creating a private key but not protecting it. Access to a private key can let an attacker fraudulently sign application content or impersonate a site’s identity. Common sense…
Read MoreHow to Configure Apache Tomcat With Fully Managed TLS Certificates
Apache Tomcat is a popular open source application server used on Red Hat Enterprise Linux (RHEL), Ubuntu Server, other Linux distributions, MacOS, and Windows Server. One of the most critical best practices for securing Tomcat is to configure SSL/TLS (HTTPS) using a trusted certificate from your enterprise CA or commercial CA. Most of the documentation…
Read MoreHow To Create And Manage Certificates in JKS on Windows, Linux, and MacOS
Learn How To Automate JKS on Windows, Linux, Mac from Microsoft PKI Applications (especially Java applications) that use HTTPS (SSL/TLS) require X.509 certificates to be provided typically in a Java Key Store (JKS) or PKCS#12 file. This post describes how you can automatically create certificates in JKS from a Microsoft PKI Certificate Authority or GlobalSign…
Read MoreHow To Create Certificates in PKCS12 on Windows, Linux, and MacOS
Learn How To Automate Certificate Creation in PKCS12 on Windows, Linux, Mac from Microsoft PKI Applications (especially Java applications) that use HTTPS (SSL/TLS) require X.509 certificates to be provided typically in a PKCS#12 (PKCS12, P12) file. This post describes how you can automatically create certificates in PKCS12 from a Microsoft PKI Certificate Authority or GlobalSign…
Read MoreCertAccord – How To Create Trusted Certificates From Command Line On MacOS
CertAccord© – How To Create Trusted Certificates From Command Line On MacOS Creating a trusted X.509 certificate on Apple’s MacOS (as well as Linux) is fast and simple using CertAccord Enterprise. Most any IT system administrator can create certificates without having to be a PKI expert. Often times IT staff are thinking about how to…
Read MoreMS-WCCE Automated Solution for Linux
MS-WCCE Automated Solution for Linux Windows systems have long supported Microsoft Windows Client Certificate Enrollment (MS-WCCE) which provides automatic X.509 certificate deployment and renewal with Microsoft Active Directory Certificate Services (ADCS). Linux systems have no MS-WCCE support or any other automated integration with ADCS. This is a key reason we created CertAccord Enterprise. Much like…
Read MoreConfiguring Apache HTTPD TLS Using Microsoft ADCS Certificates
Learn How to Configure Apache HTTPD TLS Using Microsoft ADCS Certificates This quick guide will give you step-by-step instructions on how to configure Apache HTTPD on Linux with TLS (SSL) using an x.509 certificate issued from a Microsoft Active Directory Certificate Services (ADCS) PKI environment. We will cover two methods of achieving this both of…
Read More