Certificates, part4: PowerShell/WinRM remoting over HTTPS, and cert copying

To do the PowerShell remoting over HTTPS, the WinRM on the remote machine needs a certificate. If you join the machine to a domain, this certificate¬†might be generated automatically, I haven’t tried. But for the non-domain-joined machines a self-signed certificate can be used instead. I’m going to create the cert on my work machine and…

0

Certificates, part 3: encryption and decryption by hand, and SecureString

Continuing the example from part 2, what if you don’t have the class EnvelopedCms, such as on the NanoServer in general and CoreCLR in particular? (BTW, that class will be added in the final server 2016 release but it’s not available in the current preview). Then you can construct the envelopes manually. In the simple case…

0

Certificates, part 2: encryption and decryption, and some about the cert store

To do the encryption and decryption with pubic/private keys, you need to start with getting a certificate. The easiest way is to generate a self-signed cert. The first thing to know is that the cert from the PowerShell command New-SelfSignedCertificate won’t work. It hardcodes the wrong crypto provider into the certs it generates. The wrong…

0

Certificates, part 1: what do they mean

I’ve recently learned about certificates on Windows, and I must say collecting the information about them wasn’t that easy. So I want to write down the summary while it’s fresh in my mind. It’s not the most exhaustive treatment but I hope that it’s a good quick introduction. First, what is a certificate? I hope…

3