A common task among system administrators is the renewal of SSL certificates. It is important to keep track of expiration dates so that it is not too late for us to renew it.
You can simply create an excel or some other type of record of the certificate dates, but you have to remember to check it from time … Read more
Some days ago I tried to cleanup old certificates from my Exchange servers, but I received the following error:
[PS] C:\> Remove-ExchangeCertificate -Thumbprint D09EDD6D5F18C175254AB97046AAAAAAAAAAAAA
Are you sure you want to perform this action?
Remove certificate with thumbprint DD09EDD6D5F18C175254AB97046AAAAAAAAAAAAA from the computer's certificate store?
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is
… Read more
This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.
The example below generates a certificate with two SubAltNames: mydomain.com and www.mydomain.com
Create openssl configuration file
Create configuration file for openssh (In a Linux … Read more
For certain application, a job partner asked me to send him certain certificate with private key in PEM format. Normally I’m using PFX format, but with a little help of the openssl toolkit converting PFX to PEM is quite easy.
openssl for windows can be downloaded here: http://gnuwin32.sourceforge.net/packages/openssl.htm
After extracting the contents, inside the bin subfolder the openssl … Read more
When renewing a certificate it is not necessary to generate a new csr. This is possible by maintaining the same private key.
When received the renewed certificate from the 3rd party certification authority, we can try to import it and assign the private key from the management console (mmc -> certificates).
One of the options that are shown when … Read more