Tag Archives: PKI

How to request custom certificates using the MMC snapin

A common misunderstand is that creating a certificate signing request (CSR) requires an Internet Information Service (IIS), an Exchange Admin Center console. On any Windows computer, you can use the Certificates MMC snap-in to create custom certificate signing requests, like SAN certificates for web server (for server authentication). First open the Certificates MMC snap-in: Log… Read More »

How to create a custom self signed certificate with PowerShell

From time to time you may need a custom certificate for testing or troubleshooting purposes. If you do not have access to a lab where you have an Enterprise Certificate Authority running, generating a self signed certificate is often a quick and convenient way of getting a usable certificate. As a word of caution, a… Read More »

SHA-1 Deprecation timeline accelerated

SHA-1 and SHA-2 are cryptographic ‘Hash’ algorithms, that are used in the digital signatures that forms the foundation certificates are built on. Over time, cryptographic algorithms become relatively weaker as they are exposed to  attacks through both the availability of increasingly powerful computers and advanced cryptanalysis. The use of the signing algorithm SHA-1 is being… Read More »