Certificate Management Tools

Certificate Management Tools
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 General Computer Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Certificate Management Tools TC 04-27-2005
Posted by TC on April 27, 2005, 9:35 am
If you were  Registered and logged in, you could reply and use other advanced thread options
What software is available for creating and managing certificates?

After researching certificates, I have determined I need a self-signed
certificate with a distant expiration date (~20 years) which can be
applied by multiple computers.

I have also determined that I do not have the ability to create such a
certificate. I have Microsoft's selfcert.exe and the certification
authoriy included with Microsoft Windows 2003 Server. With these tools,
I can create certificates, but I have no control over the expiration
date and I cannot export the private key (and therefore can only apply
the certificate from the computer on which it was created).

I am unfamiliar with the other tools out there. Can anyone tell me what
software is available for creating and managing certificates?


-TC



Posted by Anne & Lynn Wheeler on April 27, 2005, 10:57 am
If you were  Registered and logged in, you could reply and use other advanced thread options

> I have also determined that I do not have the ability to create such a
> certificate. I have Microsoft's selfcert.exe and the certification
> authoriy included with Microsoft Windows 2003 Server. With these tools,
> I can create certificates, but I have no control over the expiration
> date and I cannot export the private key (and therefore can only apply
> the certificate from the computer on which it was created).

private keys are stored in some sort of encrypted file ... totally
separate from any certicate.

at least one vendor has a virus demo where they copy an encrypted
private key file off a victim machine and break the encryption in
something like an avg. of 40-50 seconds (brute force guessing on
secret/symmetric key used to encrypt the private key file).

In PGP and SSH it is relatively trivial to identify the encrypted
private key file ... and copy it across multiple machines ... however
these implementations also make due w/o requiring public key
certificates.

quicky use of search engine turns up this ssh for windows:
http://www.jfitz.com/tips/ssh_for_windows.html
http://sshwindows.sourceforge.net/
http://bmrc.berkeley.edu/people/chaffee/winntutil.html

commercial ssh web site:
http://www.ssh.com/products/tectia/

open ssl has an application for generating certificates
http://www.openssl.org/

also using search engine ... the first several sites
that come up about generating certificate
http://slacksite.com/apache/certificate.html
http://tirian.magd.ox.ac.uk/~nick/openssl-certs/ca.shtml
http://www.pseudonym.org/ssl/ssl_cook.html
http://www.geotrusteurope.com/support/csr/csr_apache.htm
http://www.ssl.com/support/apacheOpenSSLInstall.jsp
http://www.rajeevnet.com/crypto/ca/ca-paper.html
http://www.instantssl.com/ssl-certificate-support/csr_generation/ssl-certificate-openssl.html
http://sial.org/howto/openssl/ca/

--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/


Posted by Edward A. Feustel on April 28, 2005, 7:21 am
If you were  Registered and logged in, you could reply and use other advanced thread options

> What software is available for creating and managing certificates?
>
> After researching certificates, I have determined I need a self-signed
> certificate with a distant expiration date (~20 years) which can be
> applied by multiple computers.
>
> I have also determined that I do not have the ability to create such a
> certificate. I have Microsoft's selfcert.exe and the certification
> authoriy included with Microsoft Windows 2003 Server. With these tools,
> I can create certificates, but I have no control over the expiration
> date and I cannot export the private key (and therefore can only apply
> the certificate from the computer on which it was created).
>
> I am unfamiliar with the other tools out there. Can anyone tell me what
> software is available for creating and managing certificates?
>
>
> -TC
>
>
Take a look at the NSS (Netscape Security Services?) package.
There is also a JSS package which is the Java adapter.
These libraries are used by Mozilla and Netscape for creating and managing
certificates
as well as all the associated encryption.
Ed




----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000
Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---


Similar ThreadsPosted
SSRT5958 rev.0 - HP OpenView Radia Management Portal (RMP) Radia Management Agent (RMA) Remote Unauthorized Privileged Access and Denial of Service (DoS) April 28, 2005, 6:33 pm
Howto setup a certificate authority and create a signed certificate using openssl on Debian sarge March 16, 2005, 10:39 am
Free Seuciryt tools May 18, 2005, 6:49 pm
Denial of Service tools September 30, 2006, 3:46 pm
How a tools knows it's successfully decrypted a file? December 11, 2006, 11:02 am
HPSBUX0101-137 HP9000 series 700/800 Support Tools Manager April 8, 2004, 6:37 am
HPSBUX0101-137 rev.3 HP-UX Support Tools Manager (xstm,cstm,stm) May 17, 2004, 2:11 pm
Is there any third party tools to connect active directory with Oracle? May 9, 2005, 8:03 am
Info request - Penetration Testing tools list May 19, 2005, 8:47 pm
HPSBST02321 SSRT080029 rev.1 - HP StorageWorks Library and Tape Tools (LTT) Running on HP-UX, Local Unauthorized Access March 19, 2008, 11:06 am

The site map in XML format XML site map

Contact Us | Privacy Policy