Ars Technica

SSTP VPN with client machine certificate authentication

We've got a Windows SSTP VPN Server setup, where our domain clients authenticate with their AD credentials. Problem: It's possible to connect from any machine to our VPN. We'd like to change the ...
GIGAZINE

Let's Encrypt details changes to certificate issuance, including new certificate chains, removal of Client Authentication EKU, and shorter certificate validity periods.

Let's Encrypt has announced details of its overall policy regarding certificates issued going forward, including 'certificate chain renewal,' 'removal of TLS client authentication EKU (Enhanced Key ...
Ars Technica

SFTP using certificate authentication

If you want x509 support, you'll have to look at a commercial version of SSH. And, at that point, you would need to use a sftp/scp client built to follow their login process if they require an x509 ...
Dark Reading

Microsoft's Certificate-Based Authentication Enables Phishing-Resistant MFA

Microsoft has removed a key obstacle facing organizations seeking to deploy phishing-resistant multifactor authentication (MFA) by enabling certificate-based authentication (CBA) in Azure Active ...
Redmond Magazine

Microsoft Previews Advanced Customizations for Certificate-Based Authentications

The Microsoft Entra ID Conditional Access service is now previewing more "granular" controls over certificate-based authentication methods, per a Tuesday announcement. The more granular controls, at ...
Dark Reading

Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication

If you updated servers running Active Directory Certificate Services and Window domain controllers responsible for certificate-based authentication with Microsoft's May 10 Patch Tuesday update, you ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...