Network World

SSLVPN Vulnerabilities – Client Certificates offer a superior defense over OTP devices

With client-certificates in play, the SSL negotiation is based on the public/private key pair of both the client and the server. This means that the attacker would have to have a valid personal ...
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains, removal of Client Authentication EKU, and shorter certificate validity periods.

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
ZDNet

Manual certificate management falling way behind PKI growth

Public key infrastructure (PKI) is a system of processes, technologies, and policies for encrypting and signing data. It plays an essential role in authenticating users, servers, devices, software, ...
Ars Technica

SSTP VPN with client machine certificate authentication

We've got a Windows SSTP VPN Server setup, where our domain clients authenticate with their AD credentials. Problem: It's possible to connect from any machine to our VPN. We'd like to change the ...
Network World

How does certificate-based authentication work?

Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key ...
TWCN Tech News

Fix ERR BAD SSL CLIENT AUTH CERT error for Google Chrome

Google Chrome web browser checks the SSL Security Certificate of the web page the user is trying to access. If it cannot, then one error related to SSL Certificates ...
Forbes

The Advantages And Disadvantages Of Managed Versus In-House PKI

The effective management of public key infrastructure (PKI) for enterprise IT teams is becoming more complex and cumbersome. The increasing number of enterprise users with their desktops, laptops, ...