Useful Links

From Help
Jump to: navigation, search

Get your IP:

Subnet Calculator:

SenderBase, find out where an IP is located:

DIG into DNS records:

Reverse IP tracing:

Ping, traceroute, whois, DNS lookups:

Cisco password type 7 reverser:

HTML Table Generator:

Server 2012

Forcing Replication for AD DCs


BNELabs guides

Installing a Two Tier PKI Part 1 – Installing Certificate Authority Role for Root CA

Installing a Two Tier PKI Part 2 – Install and configure CAPolicy.inf and Certificate Authority

Installing a Two Tier PKI Part 3 - Configure CRL Distribution Point (CDP) and Authority Information Access (AIA)

Installing a Two Tier PKI Part 4 – Installing Certificate Authority, Web Enrollment and IIS Roles for Subordinate CA

Installing a Two Tier PKI Part 5 – Install and configure CAPolicy.inf, Certificate Authority and request Subordinate certificate

Installing a Two Tier PKI Part 6 – Configure CRL Distribution Point (CDP) and Authority Information Access (AIA)

Installing a Two Tier PKI Part 7 – Configure DNS, IIS and Shares for CRL Distribution

Installing a Two Tier PKI Part 8 – Submit, install Subordinate Certificate request and start Subordinate CA


Removing Self-Signed RDP Certificates

Remove Self Signed RDP Certificates (PowerShell script)

Script to manually import RDP certificates: (Powershell script)

Code Signing

Using Code Signing Certificates to sign downloaded MSIs and build reputation with IE9 SmartScreen

How to create an app package signing certificate:

How to sign an app package using SignTool


Enabling Certificate for SSL on a SQL Server 2005 Clustered Installation

Enable Encrypted Connections to the Database Engine (Server 2017)

Enabling Encryption on Clustered SQL 2008 R2:

How to enable SSL encryption for an instance of SQL Server by using Microsoft Management Console

Microsoft Core Services - PKI

Configure the CDP and AIA Extensions on CA1

Configure the Server Certificate Template

Configure certificate auto-enrollment

Verify Server Enrollment of a Server Certificate

CNG Features

CryptoAPI Cryptographic Service Providers

Creating a certificate template that includes the Microsoft Platform Crypto Provider on a CA with no TPM

CNG Algorithm Identifiers

Do we need Directory Email Replication certificates?

Validate and Configure Public Key Infrastructure - Windows Hello

How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll

TLS/SSL Settings

Enable TLS 1.2 and 1.3 on Certificate authority aka PKI (Windows 2012 R2)


CRL and AIA - unable to download from LDAP locations - Enterprise Sub CA

Hyper-V on Win10 - virtual TPM not available (host guardian config issue)


Deploy Password-Based 802.1X Authenticated Wireless Access

Network Policy Server

Increasing your Network Security by Configuring RADIUS on an NPS Server

Aruba Instant authentication using Certificates and LDAP


Configure the ‘SSL Cipher Suite Order’ Group Policy Setting

Wikipedia – TLS Cipher

How to Update Your Windows Server Cipher Suite for Better Security

IIS Crypto - Tool for fixing / removing Cryptographic protocols

Strong HTTPS SSL/TLS Security for Web Servers

Cipher suite definitions

What is Suite B Cryptography


Internet X.509 Public Key Infrastructure Certificate Management Protocols

RFC 2511: Internet X.509 Certificate Request Message Format

RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile

RFC 2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP

RFC 2797: Certificate Management Messages over CMS

RFC 3039: Internet X.509 Public Key Infrastructure Qualified Certificates Profile

RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)

RFC 3281: An Internet Attribute Certificate Profile for Authorization

RFC 3647: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework. Supersedes RFC 2527.

RFC 3749: Transport Layer Security Protocol Compression Methods

RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile

RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2

RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

NIST Publications

SP 800-32: Introduction to Public Key Technology and the Federal PKI Infrastructure

SP 800-131A Rev. 1: Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths

SP 800-175a: Guideline for Using Cryptographic Standards in the Federal Government: Directives, Mandates and Policies

SP 800-152: A Profile for U.S. Federal Cryptographic Key Management Systems (CKMS)

SP 800-15: MISPC Minimum Interoperability Specification for PKI Components, Version 1

FIPS 140-2: Security Requirements for Cryptographic Modules

FIPS 180-4: Secure Hash Standard (SHS)

FIPS 202: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions

Framework for Improving Critical Infrastructure Cybersecurity

SP 800-57 Part 1 Rev 4: Recommendation for Key Management

FIPS PUB 186-4: Digital Signature Standard (DSS)


Public Key Infrastructure Testing

Cryptographic Standards and Guidelines

X.509 Path Validation Test Suite

Block Cipher Techniques

Hash Functions


Cryptographic Algorithm Validation Program

Automated Cryptographic Validation Testing


Main Page