We have updated SSL Cert Checker, our combined SSL Checker, Certificate Discovery, and Certificate Monitoring Tool. In response to requests, it now supports sending expiry alerts and reports via authentciated SMTP servers. If you would like to try it out, please use this request form or drop us an email. 

-- Phil

Cert Checker, our SSL certificate discovery and monitoring tool, has been updated so that its output can now be imported into Cert Centre, our certificate management product. Once the certificate details have been imported into Cert Centre you will have a consolidated view of your certificates across multiple CAs. Cert Centre also allows non SSL certificates to be imported making it much easier to track all types of X.509 certificates from a single dashboard. 

-- Phil

Do you know if any of your deployed certificates contain Debian weak keys? We have added a short article to the Cert Logik web site describing what methods are available to help you find Debian weak keys within CSRs, certificates, and also within SSL certificates installed on your network.

-- Phil

We've just added a video of our web based Bulk SSL Checker to the Cert Logik website. The Bulk SSL Checker tool is simple to use:

1. Create an account (so we can email you the results)

2. Log in

3. Upload a text file containing the list of the hostnames you want to check - each hostname should be on a separate line

That's it. Once we've processed your file, we'll email you the results. 

-- Phil

In response to user requests, we've added a couple of small features to our certificate expiry checker. The first feature allows you to locate the file that contains the list of servers or IPs to scan for certificates in a different location to the certificate monitor itself. You can, of course, still scan for certificates by IP range if you prefer. The second feature allows certificate expiry alerts and certificate expired alerts to be sent to a different email address than the SSL certificate report itself. This may be useful if you would like to have expiry alerts go straight to the helpdesk while only sending certificate reports to the IT security team for example.

-- Phil

To make it even easier to view the results from an SSL certificate scan, we are bundling a lite version of our Cert Centre product with our SSL Certificate Discovery and Certificate Monitoring products. Below is a screenshot from Cert Centre Lite:

Trustis are planning to release the Linux version of the Red Kestrel SSL Certificate Discovery tool on a secure Linux appliance. Please see the Trustis pdf for more information. 

Trustis is one of the UK's leading authorities on PKI (Public Key Infrastructure) and Digital Certificates. Their strength is that they can cover every aspect of a solution, from PKI design and architecture through to application integration and deployment of complete online security and authentication systems. 

-- Phil

We know that sometimes you may have many SSL sites to check. When each site has to be entered into the SSL Checker separately, it can be tedious and long-winded . For this reason, we have created Bulk SSL Checker. Create a free account and try it out.

Bulk SSL Checker has many features including:

• You simply upload the hostnames to check and it does the rest
• Provides detailed reports emailed directly to you in both CSV and HTML formats
• Reports highlight potential issues including:
  • expired certificates
  • certificates expiring in 90 days or less
  • untrusted certificates 
  • certificates that contain weak keys due to a security flaw in older versions of Debian based systems
  • certificates that may cause a breach in security or policy due to key length
  • certificates that do not list the hostname they are associated with 

Please give it a try and let us know what you think. Thanks.

-- Phil

Just a quick note to say that after feedback from users we have released a new version of our SSL Certificate Discovery Tool. This version allows you to specify the ports you would like to be checked for the IP range entered. Previous versions used a fixed value. If you would like to try it out please drop us a line at info@redkestrel.co.uk. I look forward to receiving more of your feedback and suggestions. Thanks.

-- Phil

In addition to our products, we provide a number of PKI and SSL services. Our SSL Certificate Discovery and Audit services are designed for businesses that want to improve the security and management of their SSL certificates through a deep understanding of the SSL certificates they have deployed. The service uses a set of automated tools, developed by us, to provide an overview and also an in depth understanding of your SSL certificate inventory.

Our reports will highlight any areas for concern, for example: expired certificates, weak keys, untrusted certificates, self signed certificates, and short keys.

If you would like to know more about this service or any of our other services, please don't hesitate to contact us 

http://www.redkestrel.co.uk/contact.html

-- Phil