Implementing a public key infrastructure (PKI) is a recurring task for me. More and more customers tend to implement a PKI in their environment. Mostly not to increase security, rather then to get rid of browser warnings because of self-signed certificates, to secure intra-org email communication with S/MIME, or to sign Microsoft Office macros. tumbledore / pixabay.com/ Pixybay License What is a 2-tier PKI? Why is a multi-tier PKI hierarchy a good idea?

Sometimes you have to replace SSL certificates instead of updating them, e.g. if you switch from a web server SSL certificate to a wildcard certificate. The latter was my job today. In my case, the SSL certificate was used in a Microsoft Exchange 2016 deployment, and the NetScaler configuration was using multiple virtual servers. I’m using this little script for my NetScaler/ Exchange deployments. [caption id=“attachment_3750” align=“alignnone” width=“640”] skylarvision/ pixabay.com/ Creative Commons CC0[/caption]