« Back to home

Cryptography What's inside a PEM file

Posted on

One of the more confusing aspects of dealing with public key cryptography is that there are so many different file formats. Let’s take a closer look at the most common one, PEM. Continue »

Security Demystifying AutoSelectCertificateForUrls syntax

When a web server requires mutual TLS authentication, the default behavior of web browsers is to show a dialog that lets us choose which client certificate we’d like to use. Chrome lets us suppress these prompts by using the AutoSelectCertificateForUrls policy. But documentation is scarce. Continue »

Security Certificate enrollment: Crypto API, CNG, and other Windows APIs

One thing certreq and the Certificate Manager MMC snap-in have in common is that they rely heavily on Windows’ built-in APIs for managing certificates, encryption, and keys. This post takes a deeper look at which APIs Windows provides for cryptography, key management, certificate management, and certificate enrollment. Continue »

Security Certificate enrollment: Concepts

Many of the protocols we use every day rely on certificates. The process to request and obtain a new certificate from a CA is called certificate enrollment. This post explains the basic concepts behind certificate enrollment. Continue »