Monthly Archives: June 2010

How to verify that a private key matches a CSR or certificate

Here’s a quick note on how you can use OpenSSL to verify that a private key matches a CSR or certificate. Basically, the moduli of the key, the certificate, and CSR should be the same. To make the comparison a bit easier you can compare the md5 ha… Continue reading

Advertisements
Posted in Uncategorized

Moving to 2048-bit RSA keys

As we mention in our CSR FAQ, several organisations including NIST recommend a minimum of 2048-bit RSA keys for SSL and other end-entity certs that expire after 31st December 2010. Here’s a recent blog post from Entrust on the subject. – Phil Continue reading

Posted in Uncategorized

SSL Certificates and Multiple Domain Names

When a browser is determining whether or not to trust your certificate, it checks that the domain name in the address bar matches your SSL certificate. Typically it does this by checking that the certificate’s Common Name (CN), which is specified … Continue reading

Posted in Uncategorized

New SSL Checker feature

Just to let you know, we’ve added a new check to our SSL Checker tool. It now checks that the SSL certificate being tested will be trusted by most browsers. It does this by building a certificate chain from the SSL certificate to a trusted root CA… Continue reading

Posted in Uncategorized

Welcome to our blog

Hello World! We launched Cert Logik as a public beta a few days ago and we hope you are finding the tools useful. Please let us know how we can improve them for you, what features you’d like to see, what other tools you need, and any other feedbac… Continue reading

Posted in Uncategorized