Dalle on Twitter
Posts by
-
Top Posts & Pages
- Three ways to kill and avoid KB976002 (The Microsoft Browser Choice Screen)
- How to distribute root certificates as exe files
- The wizard in signtool.exe – digital signing for dummies…
- SSLScan – A SSL-scanner for Windows
- Backup and restore for Active Directory Certificate Services
- Revealing your WLAN password using netsh and PowerShell
- How to list all XP computers
- How to get MAC Addresses from remote computers
- How to issue EV SSL certificates from an Enterprise CA
Tag Cloud
.net Active Directory AD Add-Computer bios Blog certutil Christmas Clean-Temp Cool DD-WRT Deployment DXter facebook function Gadgets Geek Gemalto gui How-To Internet Explorer 8 LabCenter MDT 2010 Microsoft Modules News New stuff Office 2010 PKI PKI Toolbox PowerGUI Power Shell PowerShell PowerShell Blogs Screencast Second Wednesday security TechDays Twitter windows Windows 7 Windows 8 Windows Server 2008 R2 WinSec WMIDeployment
PowerShell
Security
Archives
- May 2013
- September 2012
- August 2012
- June 2012
- March 2012
- January 2012
- December 2011
- November 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- June 2008
- April 2007
- June 2006
Tag Archives: DXter
PKI lockdown for internal Enterprise Roots using CAPolicy.inf
Sorry for being absence from the blog right now. A lot of time consuming stuff is happening at work right now, but I will better myself, I promise! A very common problem I see regarding ADCS and PKI is that … Continue reading
ADCS Certificate Expiration Report Tool
I want to start with a little disclaimer: The real credits for this tool does not really belong to me. This tool is using the really wonderful PSPKI PowerShell module from http://pspki.codeplex.com/ and all credits should go them for making … Continue reading
WINSEC crew @ Microsoft Sommarkollo 2011
Yesterday myself, Hasain Alshakarti and Göran Melvås (all three of us are members of Swedish Windows Security User Group) had a live session at Microsoft Sweden about Forefront Identity Manager Certificate Management 2010 (FIM-CM 2010). I wanted to thank … Continue reading
How to issue EV SSL certificates from an Enterprise CA
A question that I get all the time, is how to issue internal Extended Validation certificates from an internal Enterprise CA. Even though EV certificates do not provide increased security from a technical point of view, sometimes people just want … Continue reading
Do not enable SAN certificate requests on your Enterprise CA’s!
Not many people are not aware of the fact that enabling SAN attributes in certificate requests can be a security issue. I have seen many people on different forums that tell other people to enable EDITF_ATTRIBUTESUBJECTALTNAME2 with certutil on Enterprise … Continue reading
Goodies from CAPolicy.inf–LoadDefaultTemplates
Not many people are aware of a certain available option in CAPolicy.inf that came with Windows Server 2003 SP1. The LoadDefaultTemplates is very useful since it prevents the CA to associate itself with the default list of certificate templates when … Continue reading
How to remotely check if Base CSP is installed
At this TechDays 2011 here in Sweden, I got a question when I was standing in the Swedish Windows Security User Group booth about if there was some easy way to determine if the Microsoft Base CSP (KB909520) is installed … Continue reading