PKI Tutorials - Herong's Tutorial Examples
Dr. Herong Yang, Version 2.00

PKI Tutorials - Herong's Tutorial Examples

http://www.herongyang.com/PKI

Copyright © 2011 by Dr. Herong Yang. All rights reserved.

This PKI (Public Key Infrastructure) tutorial book is a collection of notes and sample codes written by the author while he was learning PKI technologies himself. Topics include CA, Certificate, Crypt::SSLeay, C#, Digital Signature, Firefox, HTTPS, IE, Java, JSSE, KeyStore, keytool, MMC, .NET, OpenSSL, PEM, Perl, PHP, PKI, S/MIME, SSL, TLS, X.509.

Table of Contents

About This Book

Introduction of PKI (Public Key Infrastructure)

What Is PKI (Public Key Infrastructure)?

Usage Examples of Public Key Infrastructure

Most Popular Certificate Authorities

Introduction of HTTPS (Hypertext Transfer Protocol Secure)

What Is HTTPS (Hypertext Transfer Protocol Secure)?

HTTPS Server Authentication Process

HTTPS Communication Data Encryption

Using HTTPS with IE (Internet Explorer) 8

Visiting "https" Web Site with IE 8

Viewing Server Certificate Details in IE 8

Viewing Server Certificate Path in IE 8

Installing Server Certificate Permanently in IE 8

Viewing Certificates in Certificate Stores in IE 8

Listing of Trusted Root CA in IE 8

Exporting Certificate to File from IE 8

Saving Server Certificate to File with IE 8

Deleting Certificates from IE 8

IE 8 Supporting Multiple Certificate Paths

IE 8 Reinstalling Root Certificates Automatically

Windows XP Component "Update Root Certificates"

Windows XP Component - Removing "Update Root Certificates"

IE 8 Displaying Certificate Error Page

IE 8 Displaying Certificate Error Icon

Viewing Certificate Path Validation Error in IE 8

Importing Root Certificate from a File to IE 8

Using HTTPS with Firefox 3

Visiting "https" Web Site with Firefox 3

Viewing Server Certificate Details in Firefox 3

Viewing Server Certificate Path in Firefox 3

Exporting Server Certificate to File in Firefox 3

Viewing Pre-Installed Certificates in Firefox 3

Listing of Trusted Root CA in Firefox 3

Exporting Certificate to File from Firefox 3

Deleting Root CA Certificates from Firefox 3

Firefox 3 Displaying Certificate Error Page

Adding Security Exception in Firefox 3

Failing to Import Root CA Certificates to Firefox 3

Certificate Trust Settings in Firefox 3

Perl Scripts Communicating with HTTPS Servers

Installing Crypt::SSLeay 0.57 on Windows

Crypt::SSLeay Test Perl Script

HTTPS Request and Response Example

Asking Crypt::SSLeay to Verify Server's Certificate

Crypt::SSLeay Failing to Verify Server's Certificate

Multiple CA Certificates in a Single File

PHP Scripts Communicating with HTTPS Servers

Configuring PHP OpenSSL on Windows

Testing OpenSSL with file_get_contents()

OpenSSL Configuration Errors

SSL Context Options for OpenSSL

Asking OpenSSL to Verify Server's Certificate

OpenSSL Failing to Verify Server's Certificate

Multiple CA Certificates in a Single File

Testing OpenSSL with fopen()

Java Programs Communicating with HTTPS Servers

Java Secure Socket Extension (JSSE)

Using openStream() Method in java.net.URL Class

javax.net.ssl.trustStore System Property

Default Trusted KeyStore File - cacerts

PKIX Path Building Failed - No CA Certificate

Using openConnection() Method in java.net.URL Class

Certificate Stores and Certificate Console

Microsoft Management Console (MMC)

Creating Certificates Console as a MMC Snap-In

Exporting a List of Root CA Certificates

Viewing Certificate Properties and Purposes

Exporting a Root CA Certificate to a File

Deleting a Root CA Certificate

Importing a Root CA Certificate from a File

Dispabling a Root CA Certificate

.NET Programs Communicating with HTTPS Servers

System.Net.Request Class for HTTPS

Test with CA Certificate Disabled

Test with Second CA Certificate Disabled

.NET Program Failed with CA Certificates Deleted

.NET Reporting Certificate Validation Failed

CAcert.org - Root CA Offering Free Certificates

About CAcert.org

Join CAcert.org as a Member

Installing CAcert.org Root CA in Firefox 3

Installig CAcert.org Root CA in IE 8

Adding and Validating Domain Names

Generating Certificate Signing Request (CSR)

Getting Server Certificate Signed by CAcert.org

PKI CA Administration - Issuing Certificates

Root CA and Intermediate CA

Requesting and Signing Personal Certificate

Generating a Private-Public Key Pair for Amy

Generating a CSR (Certificate Signing Request)

Verifying Requester's Email Address

Exporting a Private Key from a KeyStore File

Signing a CSR into a Certificate

Importing Certificate Reply Back to KeyStore

"bad decrypt:./crypto/evp/evp_enc.c:461" Error

Requesting and Signing Server Certificate

Digital Signature - Microsoft Word 2007

What Is Digital Signature?

PKI Digital Signature

Applying Digital Signatures with MS Word 2007

Creating a Digital ID and Sign Word Documents

View Digital Signatures in Word Documents

Viewing Digital ID Created by MS Word

Obtaining a Trial Digital ID from ARX CoSign

Viewing Digital ID Obtained from ARX CoSign

Digital Signature - OpenOffice.org 3

OpenOffice.org 3 - Applying Digital Signatures

Converting KeyStore Files to PKCS12 Files

Importing Private-Public Key Pair with Internet Options

Viewing a Certificate with a Private Key

Importing CA Certificates into the Trusted Store

Signing OpenOffice.org 3 Document Failed

Generating CSR for a Personal Certificate

Getting Personal Certificate Signed by CAcert.org

Storing Personal Certificate with Its Keys

Installing Personal Certificate with Internet Options

Signing OpenOffice.org 3 Document Worked

S/MIME and Email Security

What Is S/MIME?

Digital Signature Scheme for Email Messages

A Simple Email Message Example

Email Messages with Attachments using MIME

Email Messages with Digital Signatures using S/MIME

Encrypted Email Messages using S/MIME

Digital Signature and Encryption in Outlook 2007

Email Security Settings in Outlook 2007

Valid Certificate Required in Outlook 2007

Message Security Properties in Outlook 2007

Firefox Extension - Gmail S/MIME

PKI (Public Key Infrastructure) Terminology

References

Printable Copy - PDF Version

Keywords: PKI, Public, Key, Infrastructure, Security, Tutorial

Dr. Herong Yang, updated in 2011
Table of Contents