Share via


Windows PKI blog

News and information for public key infrastructure (PKI) and Active Directory Certificate Services (AD CS) professionals

Hello all, Tochi Ezebube here again from the Active Directory Certificate Services engineering team....

Date: 12/12/2018

Wes Hammond here from Premier Field Engineering.  It has been a while since I posted anything, but I...

Date: 03/12/2018

Hey Everyone, A little while back I posted this article to my own personal blog and it is getting...

Date: 02/24/2017

Hi there! This is Tochi Ezebube with the Active Directory Certificate Services (ADCS) engineering...

Date: 11/30/2016

Update: This page has been removed.  For the most up to date information on the Microsoft SHA1...

Date: 10/19/2015

A fellow engineer at Microsoft, Roger Grimes, has published a great article on Implementing SHA-2 in...

Date: 07/24/2015

Setting up NDES using a Group Managed Service Account (gMSA) Hallo everybody, this is Andy and...

Date: 04/26/2015

Hey Everyone, I am back with the last part of this 3 of this series on TPM protected certificates....

Date: 09/08/2014

Hey Everyone, I am back with part 2 of this 3 part series on TPM protected certificates. The topics...

Date: 07/15/2014

Hey Everyone, This is Wes Hammond with Premier Field Engineering back to share what I have learned...

Date: 06/05/2014

Hello All, This is Wes Hammond with Premier Field Engineering back with follow up to a previous blog...

Date: 04/28/2014

Hey everyone this is Wes Hammond from Premier Field Engineering and I wanted to share with you some...

Date: 03/05/2014

Digital certificates are a key mechanism for establishing identity on the Internet. Trust in these...

Date: 02/21/2014

For those that missed the big news on the Ask Premier Field Engineering (PFE) Platforms blog, our...

Date: 01/08/2014

A common question in the field is about upgrading a certification authority running on Windows...

Date: 09/19/2013

Working with Internet Information Services (IIS) certificates can be a bit challenging especially...

Date: 08/27/2013

Paul Fox has uploaded a revision of his former Windows PowerShell CRL Copy script. The new script is...

Date: 05/08/2013

Tonight I spent a couple of hours reorganizing the PKI Documentation and Reference Library. I also...

Date: 03/22/2013

Windows Server 2012 System State Backup allows an administrator to back-up several Operating System...

Date: 03/21/2013

I have consolidated and updated two command line utilities recently: Certreq Certutil I took all the...

Date: 03/08/2013

It is very common to check the configuration of any certification authority using certutil...

Date: 12/27/2012

Many customers must perform a regulatory audit annually to comply with industry standards and...

Date: 12/20/2012

Hi there, I am a test engineer in the Windows team working on certificate enrollment related areas....

Date: 12/10/2012

A new feature is available in Windows Server 2012 and Windows 8 that allows you to protect exported...

Date: 10/08/2012

Microsoft released a security advisory, KB article, and software update for all supported versions...

Date: 08/14/2012

On August 14, 2012, Microsoft will issue a critical non-security update (KB 2661254) for Windows XP,...

Date: 07/13/2012

Fabian Müller, Premier Field Engineer (PFE) in Germany, just wrote a detailed article...

Date: 06/18/2012

Public key based cryptographic algorithms strength is determined based on the time taken to derive...

Date: 06/11/2012

There are a number of known untrusted certificates and compromised keys that have been issued by...

Date: 06/11/2012

During my work with a customer renewing their Issuing CA’s certificate based on the steps...

Date: 05/29/2012

I was recently helping a customer deploy a SHA-256 based PKI. As part of the retirement of their old...

Date: 05/03/2012

Starting with Windows Vista and Windows Server 2008, the option to utilize Key Storage Providers...

Date: 04/27/2012

The Network Device Enrollment Service (NDES) whitepaper is now on the TechNet Wiki and I have...

Date: 04/18/2012

Amer Kamal recently posted two articles regarding the security and maintenance of offline CAs based...

Date: 03/18/2012

A follow-up document to the original HSPD-12 Logical Access Authentication and Active DIrectory...

Date: 03/14/2012

Important notice: Microsoft does not support any apple products, if you need to troubleshoot any...

Date: 02/27/2012

Jonathan Stephens posted an excellent Blog about this topic; however, it didn’t include the...

Date: 01/27/2012

If a Key Recovery Agent (KRA) certificate is stored in a Cryptography Next Generation (CNG) Key...

Date: 01/23/2012

Microsoft MVP, Vadims Podans, has written and posted a Windows PowerShell script that can be used to...

Date: 12/08/2011

I am often asked when talking to my customers about the differences between Key Recovery and Data...

Date: 10/28/2011

The Windows KB article 889250 titled "How to decommission a Windows enterprise certification...

Date: 10/07/2011

A common question from certification authority administrators is "Does Enterprise PKI (PKIView)...

Date: 10/07/2011

Ingolfur has written a blog post as well as a TechNet Wiki article describing how a Windows Server...

Date: 09/28/2011

If you are using Windows Developer Preview and have difficulty obtaining or downloading a...

Date: 09/14/2011

If you run into an issue where you are unable to download or save certificates using Internet...

Date: 08/18/2011

If you have commonly asked questions about certificate services or PKI that you think should be...

Date: 08/08/2011

The following documentation updates have been recently made: AD CS: Deploying Cross-forest...

Date: 08/03/2011

An important security update, described in MS11-051 (https://go.microsoft.com/fwlink/?LinkId=217101)...

Date: 06/14/2011

LDAP over SSL (LDAPS) is becoming an increasingly hot topic - perhaps it is because Event Viewer ID...

Date: 06/02/2011

Background On December 1, 2010 the Federal PKI Management Authority (FPKIMA), in compliance with...

Date: 03/13/2011

Next>