net::ERR_CERT_AUTHORITY_INVALID in ASP.NET Core

Do this in the order dotnet dev-certs https –clean Remove your keys and pem from C:\Users\%username%\AppData\Roaming\ASP.NET\https dotnet dev-certs https –trust Run SPA project with “start”: “set HTTPS=true&&react-scripts start” If you run your project(Point 4) before anything else. The authority is not trusted(done by 3) and results in authority invalid errors

Extract private key from pfx file or certificate store WITHOUT using OpenSSL on Windows

I had the same problem and solved it with the help of PSPKI Powershell module from PS Gallery. While I understand that you look for a solution that preferably uses some built in functionality in Windows, installing a module from PS Gallery might be acceptable. At least it was in my case. First install the … Read more

Within a web browser, is it possible for JavaScript to obtain information about the HTTPS Certificate being used for the current page?

You can use the opensource Forge project to do this. It implements SSL/TLS in JavaScript. You can make an ajax call to the server and use a callback to inspect the certificate. Keep in mind that the server is the one sending the JavaScript so this shouldn’t be used to determine whether or not you … Read more

SSL Pinning and certificate expiry

Note: I’m more familiar with browser to server pinning (HTTP Public Key Pinning – HPKP) rather than app to server pinning, but I presume the principal is the same. In HPKP the pinning policy is provided by the server as a HTTP header but understand this is often built into the app rather than read … Read more

SSL Certificate missing from dropdown in SQL Server Configuration Manager

After communication in comments I can suppose that your main problem is the CN part of the certificate which you use. To have successful TLS communication for IIS Server one have no such strong restrictions like SQL Server has. Microsoft require (see here) that The name of the certificate must be the fully qualified domain … Read more

Powershell – Set SSL Certificate on https Binding

You have to assign the certifcate to a specific site. You can retrieve the binding information of your site using the Get-WebBinding cmdlet and set the SSL Certificate using the AddSslCertificate function: $siteName=”mywebsite” $dnsName=”www.mywebsite.ru” # create the ssl certificate $newCert = New-SelfSignedCertificate -DnsName $dnsName -CertStoreLocation cert:\LocalMachine\My # get the web binding of the site $binding … Read more

show entire certificate chain for a local certificate file

For local certificates you can see the subject and direct issuer using: openssl x509 -noout -subject -issuer -in test.crt subject= /C=US/ST=Utah/L=SLC/O=My Organization/CN=my.server.com issuer= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA – SHA256 – G2 But that doesn’t indicate if the certificate includes any intermediate certificates or the full chain of trust. The verify command you listed will … Read more