How to install a Root Certification Authority - Step-by-step

"The root of the trust chain in any PKI is the Root Certification Authority."

For security reasons the machine that you will be using is an isolated / standalone / non-domain joined machine. You want to limit access to this machine as much as possible.

The function of the Root CA is to "generate the server certificates that will be installed on the subordinate CAs. And those subordinate CAs will actually distribute user and computer certificates."

Note that the default hash algorithm SHA-1 has been flagged as weak meanwhile. As this will be the root CA you can and should go for something strong like SHA512 and a key length of 4096 bits.


Sources:

Keywords:
Windows Server 2012 R2, Active Directory, Certification Authority

Comments

Post a Comment

Popular posts from this blog

SQL Server Setup: Windows Firewall warning (Ports)

Image
What was it again SQL server setup throws out, when you have your Windows Firewall on?! Rule "Windows Firewall" generated a warning. The Windows Firewall is enabled. Make sure the appropriate ports are open to enable remote access. See the rules documentation at http://go.microsoft.com/fwlink/?LinkId=94001 for information about ports to open for each feature. Keywords: Setup, Firewall, Ports, SQL Server, Microsoft
Read more

Artifical Intelligence / Machine Learning: Generative Adversarial Networks (GANs) / Generative Modeling

Image
While there is a lot of buzz on data analysis and understanding data there for applied use of artifical intelligence and machine learning it is less known in the public on what Artifical Intelligence can do regarding generating original content and altering existing content. So called Generative Adversarial Networks can generate or change pictures and can even alter videos. E.g. The website www.ThisPersonDoesNotExist.com gives and interesting and somewhat worrisome examples of that technolgy. The speed at which this technology evolves is as astounding as the results it can give already. The technology can not only be used to generate static content like the pictures of faces, but can also modify videos. There is an example where the same scene filmed by day is recreated to appear at night: Another example illustrates how a video of a horse is transferred to a video of a zebra. As Ian Goodfellow points out the GAN did not only change the brown horse to be white with bla...
Read more

Dates in JSON

What format is the right one in JSON? "Or best? Is there any sort of standard on this?" "DateTimes in JSON are hard. The problem comes from the JSON spec itself: there is no literal syntax for dates in JSON. The spec has objects, arrays, strings, integers, and floats, but it defines no standard for what a date looks like." A common date/time-format used is ISO 8601. It is also used widely in libraries such as JavaScript's toJSON-method and Json.NET . In principle this turns the DateTime string into: <YYYY-MM-DD>T<HH:MM>[:SS.SSS][[+|-]HH:MM[:SS]|Z] Example: { "lastPlayedDateTime": "2021-12-28T23:30:00+01:00" } What's the Z? Z depicts the shorthand notation for UTC times, e.g. "2009-02-15T00:00Z" . Sources: Serializing Dates in JSON StackOverflow What is the "right" JSON date format? Wikipedia on ISO 8601 toJSON-method JSON spec
Read more