Questions tagged [certificate-authority]
In cryptography, a certificate authority, or certification authority, (CA) is an entity that issues digital certificates.
818
questions
0
votes
0
answers
26
views
Smart card certificate used for authentication was not trusted - Windows Server
Help a newbie out here, new to everything and testing smart card authentication in Windows virtual machines.
I followed Yubikey's guide to allow smart cards to be used for login in Windows server. I ...
0
votes
0
answers
19
views
Windows Server 2019 Enterprise CA Certificate Request Error
I'm setting up a Windows Server 2019 Enterprise CA for my lab.
I am setting up a Windows CA server so I can lab various things on my Palo Alto firewall that rely on certificate services.
I am not very ...
0
votes
0
answers
60
views
Locating expired certificates in certsrv
I have a Windows Server 2016 CA I am attempting to get the CA working again. (i'm not very experienced in Windows Server, so I've been working it out as I go).
When looking at the certsrv properties, ...
1
vote
0
answers
33
views
One individual being served a different scrambled security certificate for our website? [closed]
We have set up a new certificate for our website using Let's Encrypt. We don't have customers using the site yet, but when we test it from multiple locations, almost everyone that goes to our site is ...
2
votes
2
answers
80
views
How to obtain authorization to access EKS cluster
Followed this document Cert Signing to get the certificate issued.
I created cluster role and role binding to test it.
$ kubectl auth can-i create pods --as=myserver
yes
$ kubectl auth can-i list pods ...
1
vote
3
answers
228
views
What is the role of Subject Name (SN) / Subject Alternative Name (SAN) in Microsoft Public Key Infrastructure (PKI)?
What is the Subject Names / Subject alternative names and how do they differ from each other?
Specially the template below "subject name" tab. What does that change in the normal certificate ...
1
vote
1
answer
44
views
Specifying Dynamic filenames for AIA and CDP in CAPolicy?
In the "CAPolicy.inf" file where you define [AuthorityInformationAccess] and [CRLDistributionPoint], can these sections use dynamic values? For instance:
[CRLDistirubtionPoint]
URL="...
4
votes
1
answer
303
views
How to create an Authenticode Signing infrastructure?
I am attempting to create the necessary infrastructure to allow authorised users to sign PowerShell scripts and have them be trusted by the organisation, this allows deploying scripts to computers ...
1
vote
2
answers
75
views
Why does Active Directory Certificate Services require Remote Registry Service?
I'm setting up a two-tier certificate authority using Active Directory Certificate Services. The offline air-gapped root certificate authority was easy to set up and get going. The intermediate ...
1
vote
1
answer
93
views
How to reenroll certificate on behalf of someone else? Windows Certification Authority
I have Windows Server 2022 CA with a configured Enrollment Agent.
I can enroll new certificate on behalf of another user but I can't do the same with renewing it, while logged on as the Enrollment ...
0
votes
0
answers
51
views
OpenWISP -- inputing a certification authority
We're trying to set up OpenWISP using a paid-for wildcard (*.ngv.com.au) SSL certificate. The certificate comes to us as a ZIP of these files:
AAACertificateServices.crt
...
2
votes
1
answer
124
views
What happens if the startdate of a CA is later that the startdate of a X509 certificate signed by it?
I am in the process of extending the lifetime of a private CA creating a new certificate with the same name, serial number, private/public keys, etc. The only change would be the "startdate" ...
0
votes
1
answer
207
views
How to make kubeadm init work with external CAs?
I am trying to bootstrap a Kubernetes cluster using my own Certificate Authorities (CAs). I am following the Kubernetes Hardening Guide, which recommends having separate CAs for etcd and the rest of ...
0
votes
0
answers
161
views
Creating Web Secure Proxy in GCP - Certificate Issue
I am trying to configure GCP Secure Web Proxy https://cloud.google.com/secure-web-proxy/docs/overview.
The proxy is under IP: 10.10.0.16. Besides that, it has a local DNS Zone proxy.carecode.lan that ...
1
vote
1
answer
181
views
TLS through CDN
I'm trying to understand how TLS is terminated between a client and an origin when a CDN is involved.
I think it's pretty straightforward when a client connects directly to an origin, a handshake can ...