EFS Certificate Configuration Updater

  •        70

One of the most critical outstanding issues with the use of EFS in the enterprise is that the EFS component 'driver' does not automatically start using "better" EFS certificates when they are enrolled. This command-line application wlil help an organization migrate EFS-encryp...




Related Projects

Win32-Security-EFS - Release history of Win32-Security-EFS

Release history of Win32-Security-EFS

Cryptlib - provides Encryption and Authentication Service

cryptlib is a powerful security toolkit that allows even inexperienced crypto programmers to easily add encryption and authentication services to their software. It provides support for S/MIME and PGP/OpenPGP secure enveloping, SSL/TLS and SSH secure sessions, CA services such as CMP, SCEP, RTCS, and OCSP, and other security operations such as secure timestamping.

X509 Certificate management tools

Windows based utilities for viewing and managing X509 certificates. Intended to be a replacement/addition for the standard MMC certificate viewer.


Java client which connects to a corresponding CA server in order to ask, renew, revoke X.509 certificates. Those certificates may also be used to sign, encrypt and decrypt PDF files (thanks to the ITextPDF library).

EasyCert - EasyCert quickly generates web server TLS certificates that have been self-signed by a private certificate authority that it also creates

Use EasyCert to easily generate webserver certificates against a private certificate authority that is also generated by this tool. Why would you want to use this? This should only be used within company networks, never public facing. You would use this to implement your own TLS connections where you are dealing in a test environment where the security doesn't really matter. This is more about making sure things work across https correctly. In other words, when you are working on anything production-level you'd want to acquire a genuine certificate from a trusted certificate authority and probably pay for it or better yet use LetsEncrypt.This has been tested and run on OSX which is comes pre-installed with openssl, that is all you need.

Openswan - IPsec implementation for Linux

Openswan is an IPsec implementation for Linux. It has support for most of the extensions (RFC + IETF drafts) related to IPsec, including IKEv2, X.509 Digital Certificates, NAT Traversal, and many others. It has been the de-facto Virtual Private Network software for the Linux community since 2005. If you are running Fedora, Red Hat, Ubuntu, Debian (Wheezy), Gentoo, or many others, it is already included in your distribution.

confluent-platform-security-tools - Security tools for the Confluent Platform.

This repo contains a tool that generates Kafka keystores and trust stores, along with a diagram that explains how keystores and trust stores can be deployed in Kafka.Both the diagram and the script store the CA in the trust store. The trust store can be configured in other ways, for example, with multiple CAs, or with certificates instead of CAs. However, at this time, the diagram and the script don't address these additional configurations.

sharkey - Sharkey is a service for managing certificates for use by OpenSSH

Sharkey is a service for managing certificates for use by OpenSSH.Sharkey has a client component and a server component. The server is responsible for issuing signed host certificates, the client is responsible for installing host certificates on machines. Sharkey builds on the trust relationships of your existing X.509 PKI to manage trusted SSH certificates. Existing X.509 certificates can be minted into SSH certificates, so you don't have to maintain two separate PKI hierarchies.

efs utility

A utility to simplify transmission of surplus lines insurance stamping office data to and from the Surplus Lines Stamping Office of Texas Electronic Filing System (EFS) programmatic interface.

openefs-webapi - Fork of git.openefs.org/efs-webapi.git

Fork of git.openefs.org/efs-webapi.git


A simple, secure and free tool for encryption and signature for Microsoft Windows and Unix. Part of the IDEALX quot;OpenTrustquot; suite (IDX-PKI, IMC, IDX-smbldap-tools...), it provides confidentiality and security through X.509-PKCS certificates. Languages:

Digital Wallet

e-Wallet is a WPF application that allows you to store sensitive information such as online banking accounts or user names and passwords, and protect all of that information securely with a single password or a digital certificate.

mrsa - Mediated RSA in golang

Mediated RSA is a way to split RSA operations amoung multiple parties, none of whom know the entire private key.It was introduced by D. Boneh, X. Ding, G. Tsudik, and M. Wong in 2001 in their paper[A Method for Fast Revocation of Public Key Certificates and Security Capabilities](http://crypto.stanford.edu/~dabo/abstracts/sem.html).


Buy/Renew Cheap Thawte SSL Certificates and protect your site by giving it highest level of security possible and gain customer’s confidence.

privacyIDEA - Modular Authentication System

privacyIDEA is a Two Factor Authentication System which is multi-tenency- and multi-instance-capable. Using privacyIDEA you can enhance your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with a second factor during authentication.


Decodes Base64 encoded PKCS7 security certificates and saves them as .spc files.


JSDSI is a Java implementation of the Simple Public Key Infrastructure / Simple Distributed Security Infrastructure (SPKI/SDSI). JSDSI implements a Java Cryptographic Provider for SPKI/SDSI certificates and certificate chain discovery algorithms.

coreos-cluster - An example of how to provision a CoreOS cluster on AWS using Terraform and ansible-vault

An example of how to provision a CoreOS cluster on AWS using Terraform. This example sets up a VPC, private and public networks, NAT server, an RDS database, a CoreOS cluster and a private Docker registry and properly configures tight security groups.The cluster is configured via cloud-config user data and runs etcd2.service and fleet.service. All peer and client traffic is encrypted using self signed certificates.

acme - :lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)

acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly integrate into your webserver setup to enable automatic verification. Unlike the official Let's Encrypt client, this doesn't modify your web server configuration.You can perform verifications using port 80 or 443 (if you don't yet have a server running on one of them); via webroot; by configuring your webserver to proxy requests for /.well-known/acme-challenge/ to a special port (402) which acmetool can listen on; or by configuring your webserver not to listen on port 80, and instead running acmetool's built in HTTPS redirector (and challenge responder) on port 80. This is useful if all you want to do with port 80 is redirect people to port 443.

python-redfish - Python library and client for Redfish support

This repository will be used to house the python-redfish library, a reference implementation to enable Python developers to communicate with the Redfish API (http://www.dmtf.org/standards/redfish).To use the enclosed examples, you will need Python 2.7 or Python 3.4 (https://www.python.org/downloads/). Note that Python 2.7.9 enforces greater SSL verification requiring server certificates be installed. Parameters to relax the requirements are available in the library, but these configurations are discouraged due to security.