Deploying certificates and CRL in a domain or a forest in an automated fashion can done using GPO like many other settings. However a less well-known possibility is to use the certutil -dspublish command. Let’s review how it works. When using that option, certificates are stored in one of the […]
When using self-signed certificates, and accessing your web contents with the Firefox browser, you may get a strange error message SEC_ERROR_INADEQUATE_KEY_USAGE This may happen in self hosted instances of YunoHost for example. Whereas the contents is properly displayed in all other browsers, you cannot add any exception in Firefox and […]
The documentation for the powershell cmdlet Get-Certificate only use generic examples. In this post, let’s see the Get-Certificate usage for Web Server. In our scenario, you have an Enterprise CA whose service is published under the name ‘My Company SubCA I’. You also have duplicated the Web Server template under […]
WHen you want to implement mail signing and/or encryption wit the Outlook/Exchange products, you are faced to different choices. One involves to know which Exchange S/MIME template you should choose among all Certificate templates. First of all, please remember that S/MIME may help to achieve the following goals: message authentication: […]
A recent lab build showed me that in spite Microsoft’s evangelism for Powershell scripting, every product is not yet aligned and also made me discover a nice Powershell Module about PKI management. The initial goal of my lab was to test the Active Directory Federation Services role from the Windows […]
