SSL How To | Exporting the Private Key and Certificate from a .pfx file

If you’ve exported an SSL certificate from a Windows PC via the Certificate Manager MMC plugin into a .pfx file, you may end up needing to spilt that file into its constituent parts (e.g; for moving the certificate to a Linux based server or if you’re importing it into Plesk). Thankfully doing this is very easy.

While this tutorial is Windows orientated, all of the commands we’ll be using can be used on any OS (so long as OpenSSL is installed).

Continue reading

Let’s Encrypt are right: HTTPS does not mean a site can be trusted

Preface: Let’s Encrypt is a project that aims to make SSL certificates free and easily available for anyone and everyone. Their aim is to create a more secure internet. Read all about them on their site here. Also for this article to make sense you’ll need to understand two of the types of certificates available. Domain Validation and Extended Validation. Domain Validation certificates merely make sure your connection to a website is encrypted. Extended Validation certificates are used by companies to prove to the user that you’re talking to a legitimate business as well as that your connection to the server is encrypted.

Let’s Encrypt were recently in the news as a certificate issued by them was used by a malvertising website. Despite being made aware of this, they refused to revoke the cert. Most (if not all) other Certificate Authorities would revoke any certificate that’s used maliciously in order to prevent users being misled into thinking that they’re using a legitimate website because it uses HTTPS.

Continue reading