« Back to home

How IAP Desktop protects TCP tunnels

Posted on

In the last post, we looked at the risks of using local port forwarding and how it’s difficult to protect TCP tunnels in a multi-user environment. In this post, we take a look at how IAP Desktop protects its tunnels. Continue »

Onboarding workforce identities to Google Cloud

In a company’s journey to the cloud, one of the topics that is important to sort out early is identity management. To do anything meaningful with Google Cloud, employees need to be able to sign in to the Cloud Console – but manually creating user accounts for each employee is rarely a good idea. Continue »

Certificate enrollment: Crypto API, CNG, and other Windows APIs

One thing certreq and the Certificate Manager MMC snap-in have in common is that they rely heavily on Windows’ built-in APIs for managing certificates, encryption, and keys. This post takes a deeper look at which APIs Windows provides for cryptography, key management, certificate management, and certificate enrollment. Continue »

Certificate enrollment: Concepts

Many of the protocols we use every day rely on certificates. The process to request and obtain a new certificate from a CA is called certificate enrollment. This post explains the basic concepts behind certificate enrollment. Continue »