Certificate Management Tools

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
What software is available for creating and managing certificates?

After researching certificates, I have determined I need a self-signed
certificate with a distant expiration date (~20 years) which can be
applied by multiple computers.

I have also determined that I do not have the ability to create such a
certificate. I have Microsoft's selfcert.exe and the certification
authoriy included with Microsoft Windows 2003 Server. With these tools,
I can create certificates, but I have no control over the expiration
date and I cannot export the private key (and therefore can only apply
the certificate from the computer on which it was created).

I am unfamiliar with the other tools out there. Can anyone tell me what
software is available for creating and managing certificates?


Re: Certificate Management Tools

Quoted text here. Click to load it

private keys are stored in some sort of encrypted file ... totally
separate from any certicate.

at least one vendor has a virus demo where they copy an encrypted
private key file off a victim machine and break the encryption in
something like an avg. of 40-50 seconds (brute force guessing on
secret/symmetric key used to encrypt the private key file).

In PGP and SSH it is relatively trivial to identify the encrypted
private key file ... and copy it across multiple machines ...  however
these implementations also make due w/o requiring public key

quicky use of search engine turns up this ssh for windows:
http://sshwindows.sourceforge.net /

commercial ssh web site:
http://www.ssh.com/products/tectia /

open ssl has an application for generating certificates
http://www.openssl.org /

also using search engine ... the first several sites
that come up about generating certificate
http://sial.org/howto/openssl/ca /

Anne & Lynn Wheeler | http://www.garlic.com/~lynn /

Re: Certificate Management Tools

Anne & Lynn,

Thanks. I'm slogging through the Open SSL info now.

I'm not quite sure what you are saying about the private key. Are you
suggesting that I should be able to copy and use the private key on
multiple machines now, if only I can find the encrypted file which
contains it?


Re: Certificate Management Tools

Quoted text here. Click to load it
Take a look at the NSS (Netscape Security Services?) package.
There is also a JSS package which is the Java adapter.
These libraries are used by Mozilla and Netscape for creating and managing
as well as all the associated encryption.

----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000
---= East/West-Coast Server Farms - Total Privacy via Encryption =---

Site Timeline