Home
Bartosz Czerwiński's Library tagged → View Popular
Using a non-MS CA to create EFS and File Recovery certificates
How to create File Recovery certificates using OpenSSL and MS makecert.exe tool.
-
- openssl req -new -days 365 -nodes -keyout Finished/username-key.pem -out Meta/username-req.pem -config Meta/efs-fr.cnf
- openssl ca -policy policy_anything -in Meta/username-req.pem -out Finished/username-crt.pem -extfile Meta/efs-fr.cnf
- openssl pkcs12 -export -in Finished/username-crt.pem -inkey Finished/username-key.pem -certfile cacert.pem -out Finished/username.p12
The pcks12 format includes public and private keys for the certificate, and is easy to import and use in Windows.
Smart Card - Video Tutorials
Video tutorials that shows how to set up Smart Card environment.
Guidelines for enabling smart card logon in Windows
Guidelines for enabling smart card logon with third-party certification authorities in Windows Server Active Directory Service.
-
- The smart card certificate has specific format requirements:
- The CRL Distribution Point (CDP) location (where CRL is the Certification Revocation List) must be populated, online, and available. For example:
[1]CRL Distribution Point
Distribution Point Name:
Full Name:
URL=http://server1.name.com/CertEnroll/caname.crl - Key Usage = Digital Signature
- Basic Constraints [Subject Type=End Entity, Path Length Constraint=None] (Optional)
- Enhanced Key Usage =
- Client Authentication (1.3.6.1.5.5.7.3.2)
(The client authentication OID) is only required if a certificate is used for SSL authentication.) - Smart Card Logon (1.3.6.1.4.1.311.20.2.2)
- Subject Alternative Name = Other Name: Principal Name= (UPN). For example:
UPN = user1@name.com
The UPN OtherName OID is : "1.3.6.1.4.1.311.20.2.3"
The UPN OtherName value: Must be ASN1-encoded UTF8 string - Subject = Distinguished name of user. This field is a mandatory extension, but the population of this field is optional.
- Client Authentication (1.3.6.1.5.5.7.3.2)
- The CRL Distribution Point (CDP) location (where CRL is the Certification Revocation List) must be populated, online, and available. For example:
Windows Vista Smart Card Infrastructure
Description of Smart Card Infrastructure in Windows Vista.
Smart Card - Libraries
Many helpfull tips, articles and reference books about Smart Card PKI deployment in Microsoft products.
SmartCard Infrastructure MSDN
Bloog about SmartCard Infrastructure according to Microsoft Products.
Produkty :: CryptoTech
SmatCards, PKI and other security solutions.
Objectif Sécurité. A leading Swiss company in the field of information systems security
Rainbow tables hashes database. Online cracking tool.
LM Reverse hash lookup Online - Lan Manager Crack - Hash Calculator
Password cracking engine using rainbow tables.
MDCrack, bruteforce your MD2/MD4/MD5/HMAC/NTLM1/IOS/PIX/FreeBSD and even more hashes.
MD2/4/5, HMAC-MD4/5, NTLM1, IOS, PIX password cracker.
HashBreaker, Czy Twoje hasło jest bezpieczne?
Online password hashes database.
DKIM - heise Networks Polska
DKIM overview. Polish only.
Home (Hard Token Management Framework)
Hard Token Management Framework - complete environment for Smart Card and/or USB dongles lifecycle management framework.
JAP -- ANONYMITY & PRIVACY
How to be fully anonymous in the Internet.
IPTABLES GENERATOR
Simple iptables rules generator.
Selected Tags
Related Tags
Sponsored Links
Top Contributors
Groups interested in security
-
Free Security Software
Free security software to h...
Items: 22 | Visits: 113
Created by: Matt G.
-
Defensive Web Programming
Links that came up during S...
Items: 16 | Visits: 181
Created by: Joel Bennett
-
Online Security
Everything related to onlin...
Items: 4 | Visits: 137
Created by: Call Me What You Want
Diigo is about better ways to research, share and collaborate on information. Learn more »
Join Diigo