Security

IT Security – Firewalls, VPN’s, Security Patching, How To’s, Guides and Troubleshooting

Convert PEM certificate.cer and private.key to PKCS#12 (.pfx .p12)

Leave a reply
Issue: You need to create a composite .pfx certificate file package. Background and pre-requisites: The first steps in your journey should have been to create a certificate request, submit this request to a certificate authority (CA) like GoDaddy or Comodo, and finally download the completed certificate from the CA. The following steps assume you have successfully downloaded a certificate package from your certificate authority. The following example command shows what to do with all the files Read more [...]

Firefox security error when visiting the NCRS National Credit Reporting Service

Leave a reply
Issue: When using the National Credit Report Service Website (https://ncrs.uscourts.gov), or the Matrix System you may receive a security error in FireFox "Secure Connection Failed".  This is due to the SSL Certificate in use being SHA-1 and no longer accepted by FireFox 36 and above. Solution: In order to accept the certificate in use by NCRS, we need to set FireFox to allow older certificate versions: 1) In the firefox address bar type: about:config 2) click "I'll be careful I Read more [...]

Microsoft issues patch for IE zero-day security vulnerability

Leave a reply
Microsoft has released an update patch to fix the zero-day security vulnerability affecting Internet Explorer versions 6 through 11 .  The recently discovered IE vulnerability allowed nefarious parties to execute code with elevated permissions and potentially other very bad things. The update patch is available via automatic update, or if you don't want to wait for automatic updates to run you can manually launch windows update from control panel, or in the case of Windows XP browse to https://update.microsoft.com There Read more [...]

how to view the certificate chain in IE

Leave a reply
Issue:  You need to determine what certificates are being used in a client SSL connection (HTTPS://) Solution: Review the certificate chain to see the Root, Intermediate, and SSL certificates being used in the connection. Procedure: 1) Click the lock icon in the address bar and the Website Identification window will open.  Click "View Certificates" 2) click the Certification Path tab to view the certificate chain.  Then select the certificate you'd like to view and click "View Certificate" Read more [...]

USERTrust intermediate certificate malformed

Leave a reply
Issue: Users receive errors USERTrust Legacy Secure Server CA is malformed or invalid.  IE users may receive error: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site’s security certificate". Example of USERTrust malformed certificate error in Chrome connecting to OWA: Cause: The USERTrust intermediate cert issued by Comodo references an Entrust.net root cert that does not meet the new 2048-bit requirements. Ramifications: As Read more [...]