Network World

SSLVPN Vulnerabilities – Client Certificates offer a superior defense over OTP devices

With client-certificates in play, the SSL negotiation is based on the public/private key pair of both the client and the server. This means that the attacker would have to have a valid personal ...
Ars Technica

SSTP VPN with client machine certificate authentication

We've got a Windows SSTP VPN Server setup, where our domain clients authenticate with their AD credentials. Problem: It's possible to connect from any machine to our VPN. We'd like to change the ...
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains, removal of Client Authentication EKU, and shorter certificate validity periods.

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
Network World

How does certificate-based authentication work?

Certificate-based authentication is a cryptographic technique that allows one computer to securely identify itself to another across a network connection, using a document called a public-key ...
ZDNet

Manual certificate management falling way behind PKI growth

Public key infrastructure (PKI) is a system of processes, technologies, and policies for encrypting and signing data. It plays an essential role in authenticating users, servers, devices, software, ...
TWCN Tech News

Fix ERR BAD SSL CLIENT AUTH CERT error for Google Chrome

Google Chrome web browser checks the SSL Security Certificate of the web page the user is trying to access. If it cannot, then one error related to SSL Certificates ...
Ars Technica

How to obtain and install an SSL/TLS certificate, for free

Anyone operating a server on any scale should want a digital certificate to encrypt data between clients and services, whether for personal, office, or public use. That’s a broad statement, but it ...