Ars Technica

23,000 HTTPS certificates axed after CEO e-mails private keys

Just as a heads-up for anyone who doesn't do much of this: you really shouldn't be generating private keys anywhere but on the system where they'll be used. The process that's *supposed* to happen is ...
Ars Technica

Import private key and certificate into Tomcat?

I've just purchased a wildcard SSL cert (AlphaSSL) which I'd like to install on a box running Tomcat, to replace the existing SSL certificate. I have the cert, the private key, the CA Root, the ...
Bleeping Computer

CloudPanel installations use the same SSL certificate private key

Self-hosted web administration solution CloudPanel was found to have several security issues, including using the same SSL certificate private key across all installations and unintentional ...
Gizmodo

23,000 HTTPS Certificates Pulled After CEO Sends Private Keys in an Email

The security of tens of thousands of websites is in question after the CEO of a company that sells HTTPS certificates included the private keys for 23,000 customers in an email—an apparent attempt to ...
Linux Journal

Understanding Public Key Infrastructure and X.509 Certificates

An introduction to PKI, TLS and X.509, from the ground up. Public Key Infrastructure (PKI) provides a framework of encryption and data communications standards used to secure communications over ...