OpenSSL Commands

OpenSSL is used for many things other than running encryption on a website. It is also used for the generation of CSR keypairs, and more importantly within this article converting. The Italic parts in the conversions below are examples of you own files, or your own unique naming conventions adapt these Italic name examples to your own files names for openssl commands. Note: .pem, .cer, crt. are all the same type of x509/pem certificate only with different extensions. Obtain OpenSSL: Note: In order for OpenSSL software successfully installed on a computer system. You must have local system administrator privilege on the computer. Download and install OpenSSL to perform a certificate conversion. Windows Linux Use the following OpenSSL commands to convert SSL […]

Read More

Portecle: Advanced Keystore Creation and Manipulation Tool

Portecle is a user friendly GUI application for creating, managing and examining keystores, keys, certificates, certificate requests, certificate revocation lists and more. The scenario for using such a tool is if a server system lacks the capability of generating a CSR keypair on its own. Another Senario would be if large networks of multiple server types, data centers and such are faced with a CSR keypair on one system environment and the tireless key store conversions that are required to import a keypair into a different server environment, which can be very time consuming and frustrating. Portecle eliminates the need for a server to create a CSR keypair. It acts as keypair CSR generator where you can generate a single […]

Read More

Windows Server IIS/Exchange – Intermediate Installation

You have successfully installed your SSL Certificate on a windows server system although you might be having some trust issues on certain browsers or applications are not fully trusting your SSL Certificate. This may be due to a lack of an intermediate CA certificate file that helps Chain the Trust to your clients browsers or systems. Or,  instead of installing a pkcs#7 certificate that has the intermediate embedded in the server certificates code you installed an x509 version of your certificate which does not have the intermediate within it. In order to import your SSL Certificate Intermediate CA Certificate perform the following. Step 1: Downloading Intermediate CA certificate: If your intermediate CA certificate for your product is not in the body of […]

Read More

What is the CA/Browser Forum?

The Certification Authority Browser Forum, also known as CA/Browser Forum, is a voluntary consortium of certification authorities, vendors of Internet browser software, operating systems, and other PKI (Encrypted) applications that make the industry guidelines. It governs the issuance and management of SSL and Code Signing  digital certificates that chain to a trust anchor root that is embedded in such applications. In cryptography, a certificate authority or certification authority (CA) is the notarizer that issues digital certificates. A digital certificate certifies the ownership of a public key that is passed to client by websites, server systems and other applications when performing encryption. If the security of the certificate is ever compromised the CA can revoke the certificate making browsers not trust the website or applications where […]

Read More

Microsoft Lync 2013 – SSL Installation

Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. This is because your private key will always be left on the server system where the CSR was originally created. With Microsoft systems the private key is hidden away and will only appear once the CSR request has been completed. Your SSL certificate will not work without this private key file. We will assume that this is the original system. To Install your SSL certificate on Windows Lync 2013 perform the following. Step 1: Picking up  your SSL Certificate: If you had the option of server type during enrollment and selected IIS you will receive a […]

Read More

Microsoft Lync 2013 – CSR Instructions

To generate a Certificate Signing Request (CSR) for Windows Lync 2013 you will need to create a key pair for your server the public key and private key. These two items are a digital certificate key pair and cannot be separated. On Windows type systems PFX/PKCS12 requests are made, and are stored on the system. The private key will remain hidden on the windows system where the CSR request is made. To generate a CSR on a Lync 2013 system perform the following. Step 1: Generating your CSR: From the start menu click on the Lync Deployment Wizard. Click Install or Update Lync Server System. Under the Request, Install or Assign Certificate section click Run. Select External Edge Certificate and […]

Read More

Total Website Security for Total Confidence

Symantec™ Extended Validation (EV) SSL Certificates can be a key factor in helping increase customer confidence during online business transactions. More confidence can mean more conversions for customers with EV SSL certificates.   Extended validation (EV) SSL assures users that your site is secure and your identity has been authenticated to the industry’s highest standards. Features Extended validation triggers the green address bar, giving customers the confidence to transact Supports 2 encryption algorithms, RSA, DSA within the same SSL certificate SGC to provide step-up protection for visitors who use older browsers The Norton Secured Seal, the most recognized trust mark on the Internet Weekly website vulnerability assessment Daily website malware scan Data protection up to 256-bit encryption with 40-bit minimum […]

Read More

Setting up Exchange configuration in Exchange 2010 & 2013

Setting up the configuration in Exchange 2010 and 2013 configuration will vary depending on your environment. You will need to know and select the Exchange configuration that best works for you and your organization. If you need more support on how the Exchange configuration services best fits you and your environment you will need to contact Microsoft Support. Below is a simplified explanation of each item. Federated Sharing — Select if you want to use your certificate for Federated Delegation. Client Access server (Outlook Web App) — Select if you have Outlook Web App on the Internet, and then enter the domain names you use to access Outlook Web App. Client Access server (Exchange ActiveSync) — Select if ActiveSync is enabled, and then […]

Read More
Microsoft Exchange: How it fits into business

SSL Solutions for Microsoft Exchange

Microsoft Exchange: How it fits into business Microsoft Exchange: How SSL fits into business applications are essential tools for any business. With the introduction of Microsoft Exchange 2007, 2010 and 2013, businesses are able to leverage constant communication to drive productivity and stay competitive. Along with the new capabilities comes a greater chance of risk that your private and sensitive information being transferred can be compromised. Organizations must be mindful to take the proper security steps to ensure their information is secured and that’s where SSL certificates come in. There are more perceived risks when shopping online–from information security to pricing and service all of which degrades consumer confidence. If a visitor does not trust your website the sale will […]

Read More

Why every Domain and Sub Domain needs to be validated each time.

Security practices in issuing a certificate and why every Domain Sub Domain needs to be validated each time: The urgent need for all commercial CAs to implement better security standards, starting with the CA/Browser Baseline Requirements, and the steps that Web browser developers, SSL certificate subscribers, and relying parties can to do hold CAs accountable for complying with these requirements.  Symantec’s  rigorous security and authentication practices lead the industry in reputation qualification measures to establish an online business’ credibility. The core or “kernel” of trust in the PKI system rests the assumption that commercial CAs maintain a commitment to security that is beyond reproach. Digital certificates are verified using a chain of trust, and root CAs act as trust “anchors” […]

Read More