問題描述
Windows 上的 X.509 證書入門 (Primer for X.509 certificates on Windows)
我目前正在研究通過 WSE 3.0 或 WCF 對 SOAP 消息進行加密和簽名的主題。由於我沒有參與過涉及公共 Internet 的分佈式應用程序開發,因此我發現我對 X.509 證書及其在 Windows 證書存儲機制中的工作原理缺乏了解。這與非對稱密碼學無關;這是關於PKI生態系統的。
因此我想收集一些文章或書籍來全面解釋Windows的安全機制,如何正確使用和管理證書存儲,CA信任鏈,以及 WSE 或 WCF 等 API 如何交互和使用證書。推薦?
參考解法
方法 1:
Everyone using (or thinking of using) X.509 certificates should be forced to read this: Everything you Never Wanted to Know about PKI but were Forced to Find Out, as well as X.509 Style guide, both by Peter Gutmann.
方法 2:
I think the base starting point to understanding the Windows implementation of PKI has to come from TechNet
PKI segment http://technet.microsoft.com/en‑us/library/cc757327(WS.10).aspx
Certificates overview http://technet.microsoft.com/en‑us/library/cc784662(WS.10).aspx
Certificate services http://technet.microsoft.com/en‑us/library/cc783511(WS.10).aspx
Certificate templates http://technet.microsoft.com/en‑us/library/cc758496(WS.10).aspx
方法 3:
"Learning WCF" by Michele Bustamente has a good overview chapter on WCF security, including some basic discussion on X.509 certificates.
方法 4:
From the MSDN:
(by icelava、Teddy、icelava、ng5000、mirezus)