Web Encryption – Punishment of SMBs by Tech Giants?

Mandating use of HTTPS / SSL certainly seems to have something in common with security certifications like FIPS140-2 or Common Criteria. Very few understand how it really helps, how complex it is but many already know how costly it can be.

“Read More”

KeyChest – Unifying Public and Private Keys

KeyChest has started as an easy to use HTTPS monitoring service. What we are aiming for is a general purpose key management service, which can look after your public as well as internal web encryption keys.

“Read More”

KeyChest supports free web encryption

Category : https , keychest , letsencrypt , security

A new version of KeyChest for 2019 with Free personal end-to-end monitoring of up to 500 servers. Most preparations went up in smoke but we made it.

“Read More”

Certbot and KeyChest API

Category : https , keychest , security

KeyChest is being integrated with Let’s Encrypt more tightly, it now has its first integration hook for Certbot. It registers domains using self-registered API keys and creates dormant accounts for you simply to confirm.

“Read More”

Dash cashless – design and operation (HTTPS)

Category : https , security

I recently attended a workshop about app/web product design. The presenter asked us to think of a well and badly designed app. Dash sprang to my mind as an example of the latter. While its design is an ongoing issue, it happened at least once that its server certificate expired and users couldn’t do payments.

“Read More”

KeyChest – Getting Rid of Broken Padlocks

We all have seen it – I go to visit an interesting blog, DEFCON website, or pay for your parking on the go. But I can’t – the website or web service has an expired certificate and the “damn security wouldn’t let me do it”.

“Read More”

Growth Of HTTPS Public Logs (CT)

Category : https , keychest , security

As we have a database of all the issued public certificates, we started looking at some of the data. This is a quick note about the frequency of updates of certificate transparency (CT) logs.

“Read More”

Real-Time Certificate Info – 5,560,000,000 KeyChest Index

We have finally completed a GLOBAL certificate look-up table for real-time notifications in our re-designed KeyChest service. KeyChest has been using an external service to check for new certificates. This has become unsustainable due to the number of users and certificates we monitor.

“Read More”

PDF Signing With CloudFoxy And Smartcards – Production Notes

Category : https , security

We have handed over the first deployment of our CloudFoxy (smart cards over RESTful API) for PDF signing and it is now in live use. Here are a few observations of mine about dependencies, performance, and delivery.

“Read More”

Automate certificate monitoring with free API – KeyChest

Our certificate monitoring KeyChest has an initial RESTful API for remote enrolment of new certificates and for checking certificate expiry. Its design supports automation without any initial security/authorization setup.

“Read More”