PKI Tutorials - Herong's Tutorial Examples

http://www.herongyang.com/PKI

Copyright © 2018 by Dr. Herong Yang. All rights reserved.

PKI Tutorials This tutorial book is a collection of notes and sample codes written by the author while he was learning PKI (Public Key Infrastructure) technologies himself. Topics include Root CA (Certificate Authorities); SSL (Secure Socket Layer), TLS (Transport Layer Security), and HTTPS (HyperText Transfer Protocol Secure) protocols; Server and client authentication processes; Communication data encryption; Using HTTPS with Chrome, Firefox, and Internet Explorer; X.509 certificate format; Certificate store and management tools; Certificate validation chain; CSR (Certificate Signing Request); Digital signature on MS Word and OpenOffice documents; Get free personal certificate from Comodo.

Table of Contents

About This Book

Introduction of PKI (Public Key Infrastructure)

What Is PKI (Public Key Infrastructure)?

Usage Examples of Public Key Infrastructure

Most Popular Certificate Authorities

Introduction of HTTPS (Hypertext Transfer Protocol Secure)

What Is HTTPS (Hypertext Transfer Protocol Secure)?

HTTPS Server Authentication Process

HTTPS Communication Data Encryption

Using HTTPS with Google Chrome

Visiting "https" Web Site with Google Chrome

Viewing Server Certificate in Google Chrome

Viewing Server Certificate Path in Google Chrome

Exporting Server Certificate to File in Google Chrome

Viewing Trusted Root CA Certificates in Google Chrome

Listing of Trusted Root CA in Google Chrome

Exporting Root Certificate to File from Google Chrome

Deleting Root CA Certificates from Google Chrome

Google Chrome Shares Windows PKI with IE

Using HTTPS with Mozilla Firefox

Visiting "https" Web Site with Mozilla Firefox

Viewing Server Certificate in Mozilla Firefox

Server Certificate General Information

Viewing Server Certificate Path in Mozilla Firefox

Exporting Server Certificate to File in Mozilla Firefox

Viewing Pre-Installed Certificates in Mozilla Firefox

Listing of Trusted Root CA in Mozilla Firefox

Exporting Certificate to File from Mozilla Firefox

Deleting Root CA Certificates from Mozilla Firefox

Mozilla Firefox Displaying Certificate Error Page

Adding Security Exception in Mozilla Firefox

Failing to Import Root CA Certificates to Mozilla Firefox

Certificate Trust Settings in Mozilla Firefox

HTTPS with IE (Internet Explorer)

Visiting "https" Web Site with IE

Viewing Server Certificate Details in IE

Viewing Server Certificate Path in IE

Installing Server Certificate Permanently in IE

Viewing Certificates in Certificate Stores in IE

Listing of Trusted Root CA in IE

Exporting Certificate to File from IE

Saving Server Certificate to File with IE

Deleting Certificates from IE

IE Supporting Multiple Certificate Paths

IE Reinstalling Root Certificates Automatically

Windows Automatic Root Update Mechanism

Perl Scripts Communicating with HTTPS Servers

Installing Crypt::SSLeay 0.72 on Windows

LWP Library Supports HTTPS

LWP SSL verify_hostname Setting

LWP SSL List of Root CA Certificates

Crypt::SSLeay Test Perl Script

HTTPS Request and Response Example

Asking Crypt::SSLeay to Verify Server's Certificate

Crypt::SSLeay Failing to Verify Server's Certificate

Multiple CA Certificates in a Single File

PHP Scripts Communicating with HTTPS Servers

Configuring PHP OpenSSL on Windows

Testing OpenSSL with file_get_contents()

OpenSSL Configuration Errors

SSL Context Options for OpenSSL

Asking OpenSSL to Verify Server's Certificate

OpenSSL Failing to Verify Server's Certificate

Multiple CA Certificates in a Single File

Testing OpenSSL with fopen()

Java Programs Communicating with HTTPS Servers

Java Secure Socket Extension (JSSE)

Using openStream() Method in java.net.URL Class

javax.net.ssl.trustStore System Property

Default Trusted KeyStore File - cacerts

PKIX Path Building Failed - No CA Certificate

Using openConnection() Method in java.net.URL Class

Windows Certificate Stores and Console

Microsoft Management Console (MMC)

Creating Certificate Console as a MMC Snap-In

Exporting a List of Root CA Certificates

Viewing Certificate Properties and Purposes

Exporting a Root CA Certificate to a File

Deleting a Root CA Certificate

Importing a Root CA Certificate from a File

Dispabling a Root CA Certificate

.NET Programs Communicating with HTTPS Servers

CAcert.org - Root CA Offering Free Certificates

About CAcert.org

Join CAcert.org as a Member

Installing CAcert.org Root CA in Firefox

Installig CAcert.org Root CA in IE

Adding and Validating Domain Names

Generating Certificate Signing Request (CSR)

Getting Server Certificate Signed by CAcert.org

PKI CA Administration - Issuing Certificates

Comodo Free Personal Certificate

Applying Free Personal Certificate at Comodo

Installing Comodo Personal Certificate with Firefox

Viewing Comodo Personal Certificate in Firefox

Backing up Comodo Personal Certificate from Firefox

Exporting Public Key Certificate from Firefox

Installing Comodo Personal Certificate with Chrome

Installing Comodo Personal Certificate to Windows

Viewing Comodo Personal Certificate in Windows

Digital Signature - Microsoft Word

Digital Signature - OpenOffice.org 3

OpenOffice.org 3 - Applying Digital Signatures

Converting KeyStore Files to PKCS12 Files

Importing Private-Public Key Pair with Internet Options

Viewing a Certificate with a Private Key

Importing CA Certificates into the Trusted Store

Signing OpenOffice.org 3 Document Failed

Generating CSR for a Personal Certificate

Getting Personal Certificate Signed by CAcert.org

Storing Personal Certificate with Its Keys

Installing Personal Certificate with Internet Options

Signing OpenOffice.org 3 Document Worked

S/MIME and Email Security

What Is S/MIME?

Digital Signature Scheme for Email Messages

A Simple Email Message Example

Email Messages with Attachments using MIME

Email Messages with Digital Signatures using S/MIME

Encrypted Email Messages using S/MIME

Digital Signature and Encryption in Outlook

Email Security Settings in Outlook

Valid Certificate Required in Outlook

Message Security Properties in Outlook 2007

Firefox Extension - Gmail S/MIME

PKI (Public Key Infrastructure) Terminology

Outdated Tutorials

Outdated: Viewing Server Certificate in Chrome 40

Outdated: Viewing Server Certificate in Firefox 35

Outdated: Viewing Pre-Installed Certificates in Firefox 35

Outdated: Firefox 35 Displaying Certificate Error Page

Outdated: Adding Security Exception in Firefox 35

Outdated: Windows XP Component "Update Root Certificates"

Outdated: Creating Certificates Console on Windows XP

Outdated: Applying Digital Signatures with Word 2007

OutDated: Creating a Digital ID and Sign Word Documents

OUtdated: Viewing Digital ID Created by MS Word

Outdated: Obtaining a Trial Digital ID from ARX CoSign

Outdated: Viewing Digital ID Obtained from ARX CoSign

Outdated: Windows XP Component - Removing "Update Root Certificates"

Outdated: IE 8 Displaying Certificate Error Page

Outdated: IE 8 Displaying Certificate Error Icon

Outdated: Viewing Certificate Path Validation Error in IE 8

Outdated: Importing Root Certificate from a File to IE 8

References

Full Version in PDF/EPUB

Keywords: PKI, Public, Key, Infrastructure, Security