What Do The Details of a Digital Certificate Mean?

There is a lot of information that gets added to a digital certificate. The information within these fields under the details of a digital certificate state the parameters from its issuance. Some of these fields are just informational, but sometimes an application can be built around these specific fields. With the standards of the security industry always changing these attributes may change at anytime to comply with CAB Forum requirements. To see the details of a digital certificate just click on the Details tab. Below is a brief run down of each field displayed on a Digital certificate and what them mean. Version: This field describes the version of the encoded certificate. For SSL certificates, the x509 version is 3 […]

Read More

How To Import A Certificate Into Mac OS

Depending on the circumstance you may need to import an SSL or Code Signing Certificate into a Mac system. Typically all Mac OS systems refer to the Mac’s Keychain Access for all things pertaining to digital certificates, unless by a different design on whatever application the you are using. Mac Systems use pfx/p12 files that contain both the public & private key to perform its signing, encryption, etc.. similar to Microsoft.  Therefore, if you need to import a functional SSL or Code Signing certificate into Mac you will need a .pfx/.p12 To import your SSL or Code Signing Certificate into you Mac system perform the following. Importing your  PKCS#12 .pfx/.P12 file on Mac OS X To open Keychain Access, start by clicking on […]

Read More

SonicWALL Network Security Appliance (NSA) – CSR Instructions

SonicWALL Network Security Appliance (NSA) is a unique server system that uses pem files similar to Apache. As far as Apache “Type” systems go, this one is impressively easy to work with. To generate a Certificate Signing Request (CSR), a key pair must be created for the server. These two items are a public key and a private key pair and cannot be separated. Like all key pairs the private key once created will remain on the system where the CSR is made. The CSR public key is what you will submit to a Certificate Authority (CA) to get the public key signed. To generate a CSR on SonicWALL NSA perform the following. Step 1: Creating your CSR request: Log into your […]

Read More

Troubleshooting: Host headers in Microsoft Server 2008 IIS 7.0 & 7.5

Depending on your environment you may have the following Issues: Website A is coming up as website B. Unable to assign a certificate due to another website using the same IP or Port. Host Name when binding the certificate is grayed out. Using Host Headers requires that the following conditions are met: You must be using either a Wildcard or a SAN certificate The website address being used must meet the following. Include as a SAN value on the certificate. The Common Name (CN) of the certificate Be Covered by a wildcard Only one certificate can be used for a given IP address and port combination The friendly name of the certificate must have the wildcard * attribute in order […]

Read More

Cisco Wireless LAN Controller (WLC) – SSL Guide

Cisco Wireless Lan Controller (WLC) is a very complex system with unconventional implementation of its keypairs for encryption. CSR creation and certificate installation may vary as your custom environment system may differ. Below are generalized instructions. The utility “Openssl” is used to generate the key and CSR and used to perform conversions. This utility comes with the Openssl package and is usually installed under /usr/local/ssl/bin. If you have a custom installation, you will need to adjust these instructions appropriately. To generate a CSR and Install your SSL/TLS certificate after it has been issued on a Cisco WLC perform the following. Step 1: Generating your private key pair: On the Apache system type using Open SSL perform the following command at the prompt. Note: […]

Read More

CSR Generation Instructions (All Systems)

A Certificate Signing Request or CSR is a specially formatted underdeveloped public key  that is used for enrollment of an SSL Certificate. The information on this CSR is important for a Certificate Authority (CA). It is needed to validate the information required to issue a SSL Certificate. Creation of a CSR also means you are creating your private key. The private key will always be left on the system or application where the CSR is generated. The Private key will be required later for installation. If you do not see your server listed Perform a search or you may have to contact your server vender or hosting provider for best practices on how to generate a CSR on your system. […]

Read More

How To Move An SSL Certificate From Windows Server To Apache.

Depending on your network you may have to move your SSL/TLS server certificate and its private key from one system to another. This article covers how to move your server certificate, and its private key from IIS that uses a single pfx/p12/pkcs#12 file to Apache that uses separate .pem,.crt, key files. This will require a conversion using OpenSSL that is on the Apache System. You need both the public key and private keys for an SSL certificate to work properly on any system. Windows uses the pfx/p12 file to contain these two keys; therefore, if you need to transfer your SSL certificate from one server to another or store it someplace for safe keeping you need to create a .pfx backup. Apache […]

Read More

How to Convert an SSL Server Certificate from Apache to PKCS12/PFX

Depending on your network you may have to move your SSL/TLS server certificate and its private key from one system to another. This article covers how to move your SSL certificate, its private key, and its intermediate CA from Apache to pfx also known as a pkcs#12 file. This will require a conversion using OpenSSL that is on the Apache System. Apache systems are very customizable. The directory location and naming of the individual files needed vary depending on your personalized system. Below are generalized instructions. We will start by assuming that you have already successfully installed the SSL certificate on the Apache web server. To move your certificate keypair from Apache to PFX perform the following: Step 1: Finding your […]

Read More

GeoTrust Site Seal Installation Instructions

Ready to Install GeoTrust Site Seal? Boost your business with the trust mark that gives customers confidence! With the increase of fraud and identity theft, online visitors have learned to look for trust signs when they transact online. A GeoTrust® Site Seal, available with every GeoTrust Quick SSL Certificate, or GeoTrust certificate product and show web site visitors that their information is protected. Add the GeoTrust Site  Seal to your home page, buy page, log-in or any other page on your authenticated site where visitors need to verify your web site. Note: You must purchase a GeoTrust Certificate  before installing the GeoTrust Site Seal. To install the Legacy GeoTrust Site Seal, simply add the following lines to each web page on which you […]

Read More

Microsoft SharePoint 2010 – SSL Installation

Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. This is because your private key will always be left on the server system where the CSR was originally created. With Microsoft systems the private key is hidden away and will only appear once the CSR request has been completed. Your SSL certificate will not work without this private key file. We will assume that this is the original system. To Install your SSL certificate on Windows IIS 7 and 7.5 for SharePoint 2010 perform the following. Step 1: Picking up your SSL Certificate: If you had the option of server type during enrollment and selected IIS you […]

Read More