Posts by Mike Cooper
How To Create Certificates in PKCS12 on Windows, Linux, and MacOS
Learn How To Automate Certificate Creation in PKCS12 on Windows, Linux, Mac from Microsoft PKI Applications (especially Java applications) that use HTTPS (SSL/TLS) require X.509 certificates to be provided typically in a PKCS#12 (PKCS12, P12) file. This post describes how you can automatically create certificates in PKCS12 from a Microsoft PKI Certificate Authority or GlobalSign…
Read MoreMacOS Certificate Auto Enrollment With Microsoft CA
MacOS Certificate Auto Enrollment With Microsoft CA There is no free MacOS (MacOS X) “client” which provides Auto Enrollment or integrates with the Microsoft PKI like the one built into Microsoft Windows. However, there are commercial options which provide very similar abilities, one in particular which is actually easy to install, use, and won’t…
Read MoreMS-WCCE Automated Solution for MacOS
MS-WCCE Automated Solution for MacOS Windows systems have long supported Microsoft Windows Client Certificate Enrollment (MS-WCCE) which provides automatic X.509 certificate deployment and renewal with Microsoft Active Directory Certificate Services (ADCS). Apple’s MacOS (MacOS X) systems have no MS-WCCE support or any other built-in automated integration with ADCS. This is a key reason we created…
Read MoreWhy Self-Signed Certificates Are Evil And Alternatives That Are Good
Learn Why Self-Signed Certificates Are Evil And Alternatives That Are Good Self-signed X.509 digital certificates are often used inside enterprises of all sizes on devices and application servers which use HTTPS. Its often so common place in some enterprises that its easy to forget self-signed certificates are evil. Maybe not evil in a deliberate sense,…
Read MoreCertAccord – How To Create Trusted Certificates From Command Line On MacOS
CertAccord© – How To Create Trusted Certificates From Command Line On MacOS Creating a trusted X.509 certificate on Apple’s MacOS (as well as Linux) is fast and simple using CertAccord Enterprise. Most any IT system administrator can create certificates without having to be a PKI expert. Often times IT staff are thinking about how to…
Read MoreHow To Configure GlassFish With Fully Managed TLS Certificates in JKS
GlassFish is an open source Java application server from Eclipse typically run on Red Hat Enterprise Linux (RHEL), CentOS, Ubuntu Server, MacOS, and Windows Server. This guide will walk you through the steps of configuring a GlassFish server to use an X.509 certificate created from Microsoft ADCS (PKI). GlassFish uses a certificate to provide secure…
Read MoreUsing CertAccord Enterprise to Secure VPN/Network Authentication
Learn About Using CertAccord Enterprise to Secure VPN/Network Authentication One of the more popular uses of CertAccord© Enterprise is to create X.509 Certificates providing ClientAuthentication for Virtual Private Network (VPN) authentication. Many enterprises are moving from username & password based VPN authentication to X.509 certificate authentication. One of the challenges in this transition is how…
Read MoreHow to Configure Apache Tomcat With Fully Managed TLS Certificates
Apache Tomcat is a popular open source application server used on Red Hat Enterprise Linux (RHEL), Ubuntu Server, other Linux distributions, MacOS, and Windows Server. One of the most critical best practices for securing Tomcat is to configure SSL/TLS (HTTPS) using a trusted certificate from your enterprise CA or commercial CA. Most of the documentation…
Read MoreHow To Create Trusted X.509 Certificates On Linux
Learn How To Create Trusted X.509 Certificates On Linux Creating trusted enterprise certificates on Linux has never been easy, but it can be. In the traditional process you have to create a private key, create a Certificate Signing Request (CSR), submit the CSR to a Certificate Authority (CA), retrieve the issued certificate, install it, and…
Read MoreLinux Certificate Auto Enrollment With Microsoft CA
Learn About Linux Certificate Auto Enrollment With Microsoft Certificate Authority There is no free Linux “client” which provides Auto Enrollment of X.509 certificates or integrates with the Microsoft PKI like the Auto Enrollment built into Microsoft Windows. However, there are commercial options which provide very similar abilities, one in particular which is actually easy…
Read More