Category Archives: PKI

Autoenrollment is not working.

Problem: Group Policy says that autoenrollment is switched on but the autoenrollment function is not working. None of your Root, Issuing or Machine certificates are enrolled. If you try to trigger the autoenrollment process you get an error. certutil -pulse CertUtil: … Continue reading

Posted in PKI, Windows | Comments Off on Autoenrollment is not working.

Base64 encoding with certutil

Encode certutil -encode inputFileName encodedOutputFileName Decode certutil -decode encodedInputFileName OutputFileName

Posted in PKI | Comments Off on Base64 encoding with certutil

Smartcard – Force reading all certificates on smartcard

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\SmartCardCredentialProvider] “ForceReadingAllCertificates”=dword:00000001 

Posted in PKI, Windows | Comments Off on Smartcard – Force reading all certificates on smartcard

Write CSR with SAN-attributes

Openssl.cnf[ req] distinguished_name = req_distinguished_name req_extensions = v3_req [req_distinguished_name] countryName = Country Name (2 letter code) countryName_default = US stateOrProvinceName = State or Province Name (full name) stateOrProvinceName_default = MyProvince localityName = Locality Name (eg, city) localityName_default = Mycity 0.organizationName … Continue reading

Posted in OpenSSL, PKI | Tagged , , | Comments Off on Write CSR with SAN-attributes

Verify certificate and private key with Openssl

Openssl can be used for verifying if there is a match between a private key and certificate. Enter these commands and analyze the output. openssl x509 -noout -text -in server.crt openssl rsa -noout -text -in server.key Compare the two sections … Continue reading

Posted in OpenSSL, PKI | Comments Off on Verify certificate and private key with Openssl

Smartcard logon problems

You are able to logon to Windows but when logged on you cannot use “Run as another user” Error Message: A specified logon session does not exist. It may already have been terminated Reason: Certificates on the smart card is … Continue reading

Posted in Active Directory, PKI | Tagged , , | Comments Off on Smartcard logon problems

Export av certifikat till textformat

Continue reading

Posted in PKI | Tagged , | Comments Off on Export av certifikat till textformat

Export av privat nyckel till textformat

Continue reading

Posted in PKI | Tagged , | Comments Off on Export av privat nyckel till textformat

Konfigurera IIS att använda Certificate Trust List

Continue reading

Posted in IIS, PKI | Tagged , , , | Comments Off on Konfigurera IIS att använda Certificate Trust List

Förlänga CRL med CA-servern offline

Continue reading

Posted in PKI | Tagged , , | Comments Off on Förlänga CRL med CA-servern offline