Posts by Mike Cooper
How to Configure Apache Tomcat With Fully Managed TLS Certificates
Apache Tomcat is a popular open source application server used on Red Hat Enterprise Linux (RHEL), Ubuntu Server, other Linux distributions, MacOS, and Windows Server. One of the most critical best practices for securing Tomcat is to configure SSL/TLS (HTTPS) using a trusted certificate from your enterprise CA or commercial CA. Most of the documentation…
Read MoreHow To Create Trusted X.509 Certificates On Linux
Learn How To Create Trusted X.509 Certificates On Linux Creating trusted enterprise certificates on Linux has never been easy, but it can be. In the traditional process you have to create a private key, create a Certificate Signing Request (CSR), submit the CSR to a Certificate Authority (CA), retrieve the issued certificate, install it, and…
Read MoreLinux Certificate Auto Enrollment With Microsoft CA
Learn About Linux Certificate Auto Enrollment With Microsoft Certificate Authority There is no free Linux “client” which provides Auto Enrollment of X.509 certificates or integrates with the Microsoft PKI like the Auto Enrollment built into Microsoft Windows. However, there are commercial options which provide very similar abilities, one in particular which is actually easy…
Read MoreHow To Create And Manage Certificates in JKS on Windows, Linux, and MacOS
Learn How To Automate JKS on Windows, Linux, Mac from Microsoft PKI Applications (especially Java applications) that use HTTPS (SSL/TLS) require X.509 certificates to be provided typically in a Java Key Store (JKS) or PKCS#12 file. This post describes how you can automatically create certificates in JKS from a Microsoft PKI Certificate Authority or GlobalSign…
Read MoreBest Practices for Securing Private Keys
Best Practices for Securing Private Keys When you leave home do you lock the front door but leave the key in the lock? That’s the same thing as creating a private key but not protecting it. Access to a private key can let an attacker fraudulently sign application content or impersonate a site’s identity. Common sense…
Read MoreAutomating X.509 Certificate Application Integration with CertAccord Certificate Appliers
Learn how to Automate Integration of Applications with SSL/TLS Certificates from Microsoft PKI Automatically creating and renewing X.509 certificates on Linux, Mac, and Windows from Microsoft ADCS PKI is simple and quick when using CertAccord© Enterprise. You can take that a step further and automatically integrate certificates with the applications that use them using Certificate…
Read MoreHow To Create Trusted X.509 Certificates On MacOS X
Learn How To Create Trusted X.509 Certificates on MacOS X from Microsoft ADCS Creating trusted enterprise certificates on Apple’s MacOS X has never been easy, but it can be. In the traditional process you have to create a private key, create a Certificate Signing Request (CSR), submit the CSR to a Certificate Authority (CA) such…
Read MoreConfiguring Apache HTTPD TLS Using Microsoft ADCS Certificates
Learn How to Configure Apache HTTPD TLS Using Microsoft ADCS Certificates This quick guide will give you step-by-step instructions on how to configure Apache HTTPD on Linux with TLS (SSL) using an x.509 certificate issued from a Microsoft Active Directory Certificate Services (ADCS) PKI environment. We will cover two methods of achieving this both of…
Read MoreCertificate Auto-Enrollment of Linux/Mac End Points for 802.1x EAP-TLS
Certificate Auto-Enrollment of Linux/Mac End Points for 802.1x EAP-TLS The 802.1x IEEE standard provides identity-based access control at the network edge. When implemented with EAP-TLS and X.509 certificates it can provide excellent security and access control at the network port level. This document provides an overview of 802.1x and how to provide the required X.509…
Read MoreCertAccord Enterprise 7.0
CertAccord™ Enterprise 7.0 Features Improved Machine Identity Certificate Provisioning CertAccord Enterprise 7.0 by Revocent, Inc. provides improved automated deployments of X.509 Machine Identity Certificates between Microsoft ADCS PKI and Linux/Mac endpoints. Additionally this release features deeper integration with Microsoft ADCS with the support of certificate revocation and numerous improvements to the CertAccord Enterprise Management Console…
Read More