Directory: /pub/domains Git branch: dev Command: openssl x509 -text -noout -in beninca.link.crt Output: Certificate: Data: Version: 3 (0x2) Serial Number: 05:6d:10:a2:7d:52:68:fc:1b:f8:4a:9b:90:17:3a:a2:92:98 Signature Algorithm: ecdsa-with-SHA384 Issuer: C=US, O=Let's Encrypt, CN=E7 Validity Not Before: Jan 16 19:49:15 2026 GMT Not After : Apr 16 19:49:14 2026 GMT Subject: CN=beninca.link Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:e6:41:7d:f2:85:19:b4:ba:64:c9:83:75:05:e6: 1d:ac:7f:1e:0b:86:ad:39:e8:20:ad:2b:53:13:56: 3b:66:aa:62:58:e5:a7:b3:46:fa:e0:02:40:00:31: ae:3d:44:29:77:e2:56:81:db:e8:a9:62:a2:bb:ed: b1:3c:d4:4d:f3:e8:d3:0f:7f:28:e6:72:09:65:d4: f0:6e:b7:10:49:c9:21:26:b0:28:49:ae:3a:e9:41: 41:d1:c8:a1:4e:35:98 ASN1 OID: secp384r1 NIST CURVE: P-384

Finally made the switch to
elliptic curve #https certificates.

#openssl #x509

% openssl x509 -in /Applications/zoom.us.app/Contents/Resources/BBMMRoot.crt -text
…
Validity
Not Before: Feb 8 00:00:00 2010 GMT
Not After : Feb 7 23:59:59 2020 GMT
Subject: C=US, O=Thawte, Inc., CN=Thawte SSL CA
…

🧐

#Zoom #x509

Let's ACME with KERI A demonstration of how the old can seamlessly blend with the new

Hey I wrote about using #KERI to implement the ACME protocol from #LetsEncrypt ( #x509 certificate issuance automation). If you're into that stuff I hope you enjoy. Please tell your friends, like, and subscribe :D

open.substack.com/pub/vleida/p...

Refrescar el certificado X.509 de una entidad de certificación para Op Tengo un servicio OpenVPN privado desde hace diez años. Todos los certificados X.509 de acceso y el certificado X.509 del servidor OpenVPN están firmados por una autoridad de certificación privada. El

Refrescar el certificado X.509 de una entidad de certificación para OpenVPN, manteniendo sus firmas previas como válidas

blog.jcea.es/posts/202405...

#OpenVPN #x509 #hack

Download FireDaemon OpenSSL Binaries for Microsoft Windows Download free OpenSSL installers and binaries for Microsoft Windows. Latest digitally signed packages with command line tools and libraries from FireDaemon.

#FireDaemon #OpenSSL 3.5.3 LTS and 3.6.0 Beta 1 are available for download from www.firedaemon.com/download-fir...

#Cryptography #DigitalCertificates #Encryption #TLS #CyberSecurity #PKI #X509 #PostQuantumCryptography #PQC #QuantumSafe #QuantumResistant #NIST #OpenSource #FreeSoftware #OrangeCats 🐈

Original post on infosec.exchange

Weekend Reads

* URI redirection patterns https://arxiv.org/abs/2507.22019
* AI and college grad jobs www.wsj.com/lifestyle/careers/ai-ent...
* Internet control in Russia […]

A self-signed certificate gives you no identity, no trust, no revocation.

It’s not a security measure. It’s a placeholder — and a bad one.

Any shared system needs a real CA, internal or external. Period.

#PKI #X509 #enterpriseSecurity

What if #TLS used #PGP instead of #x509?

Original post on no-pony.farm

#fedihelp #fedihilfe

I am looking for a free provider of #x509 #certificates for use with #CAI #ContentAuthenticityInitiative #C2PA #ContentCredentials. #Adobe and #PixelStream seem to offer this #service, but not for #free. Basicalky something like #LetsEncrypt, only for #images.

#c2patool […]

Host a Private CA Server youtu.be/PqI4ztCn97I?... via @YouTube
#CyberSecurity #PKI #X509 #CertificateManagement #DevOps #sdntechforum

Secondly, it’s not clear if #gmail is using this workaround just for message recipients who don’t have their own “digital #X.509 certificates” to enable message encryption yet (which would be justifiable) or not (which would be an improvement over the status quo, but not genuine #E2EE.)

FIDO = passwordless login where the key stays on your device.

Explaining it isn't always easy - but once it clicks, it really clicks.

No shared secrets, no phishable passwords.
Just cryptographic trust.

Would you trust it over passwords?

#Cybersecurity #DigitalSignatures #SafeX #PKI #FIDO #X509

Playing a animated gif by reading a certificate in OpenSSL.

Use OpenSSL as a very inefficient video player by @wr

You should check out his repository for demos and a presentation covering all the funny and interesting details of X.509 parsing!

🔗 […]

[Original post on infosec.exchange]

Fix for change to OBJ sn2nid behavior in wolfCLU This PR updates wolfCLU to properly handle X509 name parsing following changes in wolfSSL's OBJ_sn2nid function behavior. The changes focus on how Distinguished Name (DN) components are processed when creating X509 certificates. These changes ensure wolfCLU properly handles X509 name components whe

wolfCLU now properly handles #X509 name parsing after changes to wolfSSL’s OBJ_sn2nid behavior! This ensures reliable DN processing while maintaining backward compatibility. Upgrade for improved #OpenSSL compatibility!

Learn more: www.wolfssl.com/fix-...
#CommandLineUtility

Sequoia and SafeNet software seem to be at odds—end users are stuck without X.509 smart card functionality until they make up. A weird (and frustrating) story of tech incompatibility.

Thoughts?

#TechIssues #SmartCards #X509

strongSwan - IPsec VPN for Linux, Android, FreeBSD, macOS, Windows strongSwan is an open-source, modular and portable IPsec-based VPN solution

#strongSwan 6.0.0 has been released ( #IPsec / #VPN / #IKE / #IKEv1 / #IKEv2 / #PostQuantumIKEv2 / #PostQuantumEncryption / #PostQuantum / #X509 / #FreeSWAN ) strongswan.org

Monitoring Java Application Security with JDK tools and JFR Events

#devoxx #java #jdk #jfr #tls #x509

www.youtube.com/watch?v...

It can be done without modifying code, breaking AGPL 3.0 terms or disabling SGX sealing: emulate the ENCLU/ENCLS x86 opcodes. This comes down to not piggybacking CPU attestation into x.509 #certificate and sending that back to the app. This should be done periodically. #x509

https://damienbod.com/2024/11/04/asp-net-core-and-angular-bff-using-a-yarp-downstream-api-protected-using-certificate-authentication/

Blogged: ASP.NET Core and Angular BFF using a YARP downstream API protected using certificate authentication

damienbod.com/2024/11/04/a...

#aspnetcore #dotnet #angular #nx #authentication #x509 #bff #openidconnect #oauth #certificate #web

GitHub - damienbod/AspNetCoreCertificates: Certificate Manager in .NET Core for creating and using X509 certificates Certificate Manager in .NET Core for creating and using X509 certificates - damienbod/AspNetCoreCertificates

Updated: Certificate Manager Nuget package

github.com/damienbod/As...

Certificate Manager is a package which makes it easy to create certificates which can be used to in client server authentication and IoT Devices like Azure IoT Hub

#dotnet #security #authentication #certificate #x509 #iot

The latest The Azure iPaaS and IoT Daily! paper.li/e-1516873350 Thanks to @damien_bod @dbtrends #dotnet #x509

Y a du progrès à faire sur les connexions TLS de site français : https://imirhil.fr/tls/ #étude #tls #x509

Also, Gandi supports now sha256 www.gandi.net/news/en/2014-10-21/2460-... #tls #x509 #sha256

Deprecation of SHA-1 and moving to SHA-2 (including Google Chrome timeline) support.servertastic.com/deprecation-of-sha1-and-... #tls #sha256 #x509 #chrome

An Analysis of the CAs trusted by iOS 8.0

An Analysis of the CAs trusted by iOS 8.0 karl.kornel.us/2014/09/an-analysis-of-t... #ios #security #x509

#LinkedData enabling #WoT construction via #LDAP #URIs & #NetIDTLS protocol. #TLS #PKI #X509 #RWW #Privacy #Identity

List of local files created by @oplyouid @oplyouid for @Android . #PKI #PKCS #TLS #YouID #WebID #X509 LinkedData

#YouID generated Digital Identity Card for G+ persona: #Identity #Privacy #WebID #PKI #vCard #X509 #NetID #HTML5

Q: What is YouID? A: Read: . #LinkedData #YouID #NetID #WebID #PKI #X509 #SMIME #Privacy #Identity #Security #Web30

example of a #LinkedData #URI that denotes a Public Key associated with an #X509 cert. #YouID #WebID #NetID #SSH