SSL

Check your certificate status visually

By Alexander Trofimov

Just another not bad tool. If you don’t have a wildcard certificate in use, probably you have many of them and in many places.Usually such kind of system is being monitored automatically with some system (OpsMgr, nagios, custom software), but sometimes you just need to get an overview of what’s happening right now. In this case you can use some report if you have one suitable, or write your own report, or use the following tool: VerifySSLSertificate.It’s small, robust and have just several but essential functions and settings. You can save and load a list of servers to check, save … Continue reading Check your certificate status visually

Wildcard certificates drawbacks

By Alexander Trofimov

That’s one of the referrers from search systems which leads users to my blog. Ok, there certainly are drawbacks, so why not? But first things first: what are those wildcard certificates? In order to protect communications with some web-services or web sites (not only them, actually) we use SSL certificates. I have to say, that it doesn’t, actually, mean that every site with https prefix and valid certificate is valid itself or communications with it are protected, but that’s not for today’s discussion. Anyway, SSL certificates are somewhat brilliant and somewhat ugly, but they are our reality for now and … Continue reading Wildcard certificates drawbacks

IE7 & SSL

By Alexander Trofimov

I’ve received a question through the Russian TechNet Forums, answer to which is to be widespread. The fact is that the CRL checking process has been change in IE7 in case CRL is not reachable. While IE6 shows the warning in that case, IE7 by default doesn’t show anything. It is easy to think up the situation (which is, fortunately, harder to implement) which will lead to some problems due to such a behavior of the browser. It is quite easy to switch the thinks back, just add the following key to the registry: [HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMainFeatureControlFEATURE_WARN_ON_SEC_CERT_REV_FAILED] "iexplore.exe"=dword:00000001» After that we … Continue reading IE7 & SSL