Comments for JW Network Consulting

Comment on Spyware Removal – Pain followed by success by Jason

Jason — Fri, 18 Dec 2009 21:26:16 +0000

Thanks Kathy. I’m curious which areas you disagreed with. I know the whole idea of trying to “remove” spyware is already getting onto thin ice, but I wanted to know what you had in mind.

Comment on Spyware Removal – Pain followed by success by Kathy Smith

Kathy Smith — Fri, 18 Dec 2009 20:04:31 +0000

While I don’t agree with everything you said you do have some valid points. Overall it was pretty good probably be back.

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by Paul

Paul — Sun, 15 Nov 2009 09:29:52 +0000

hey great article, how do i reverse this and a) take a windows created root authority cert and install it on linux for openssl to use during secure sockets operations (not apache).

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by Tomas

Tomas — Tue, 10 Nov 2009 19:33:10 +0000

Hi,
is possible somehow use user-certificates in AD from linux CA?
I have linux CA, imported into AD, I have created user-certificates and want to add them to each user in AD .. is is possible or not?

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by Jason

Jason — Wed, 21 Oct 2009 03:52:51 +0000

Hi Robert,
The honest answer is that I don’t know. You are going a lot further with your deployment than I had to with mine. I’ve never tried to use the Windows Certificate Services, so while I can’t see why you couldn’t, I really don’t know for sure. I’d have to play with that for a while to find out. Or you can and let us know how it goes.

Jason

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by Robert

Robert — Tue, 20 Oct 2009 20:23:52 +0000

jason,

I would like to implement a PKI hierarchy that consists of 2 levels or more, a offline root CA and additional subordinate CA’s that require access to the root CA. As the distance from the root CA increases more levels may be needed. If my (offline) Root is a Linux CA server that works in Windows AD, and I copy the ca.crt to your Windows AD domain controller, rename the text file and change the extension to .cer so that it can be used as an SSL certificate, import the CA Certificate to Windows Active Directory, use Group Policy to make this certificate authority a trusted CA through out the domain, can online issuing subordinate CA’s be any additional domain controllers within the domain?

Comment on Signing SSL Certificate Requests by BrendanX

BrendanX — Tue, 04 Aug 2009 05:44:03 +0000

Thanks heaps JW. Both of your posts were the best on the web, for a subject with a lot of theory but not many straight forward howtos. Keep it up!

Comment on FreeBSD 7.0 Build by FreeBsd partition scheme: — Trials & Tribulations

FreeBsd partition scheme: — Trials & Tribulations — Thu, 04 Jun 2009 03:59:11 +0000

[...] OP1 [...]

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by Jason

Jason — Sat, 21 Mar 2009 16:22:06 +0000

Khalid,
I’m not sure. PHP isn’t really my thing. A guess would be that the command is waiting for user input, but since you have things setup in your openssl.conf file I’m not sure if that would be the case. I’d ask one of the PHP forums to see what they think.

Good luck.

Comment on Create an SSL Certificate Authority on Linux and Use It in Windows AD by khalid

khalid — Sat, 21 Mar 2009 12:09:29 +0000

hi. i am trying to use sudo to execute openssl commands in php program. the commands doesn’t respond. while the same commands work well in the terminal. the command is as follow.
exec(“openssl req -config /etc/pki_jungle/myCA/openssl.my.cnf -new -keyout /etc/pki_jungle/myCA/private/server.key -nodes -out /etc/pki_jungle/myCA/server.csr -days 365″);
the configuration file openssl.my.cnf is modified so that the creation of the signing request is batched and no further input is needed. what is the problem?