certificate pinning
About this tag
Certificate pinning is a security technique that associates a host with its expected X.509 certificate or public key, helping to prevent man-in-the-middle (MITM) attacks. On Windows, certificate pinning is relevant when configuring on-premises identity providers like Duo Access Gateway (DAG), where administrators must plan for certificate authority (CA) bundle updates and migrations to maintain secure SAML 2.0 SSO. Proper pinning ensures that only trusted certificates are accepted during TLS handshakes, reducing the risk of interception or code injection. Windows administrators should understand pinning as part of end-to-end communication security, especially when integrating third-party authentication services.
Duo Access Gateway for Windows remains a practical on‑premises SAML 2.0 identity provider for organizations that must host their own SSO front end, but its roadmap, support status, and an imminent certificate authority (CA) bundle change require immediate planning and careful operational work...
Original release date: April 30, 2015
Systems Affected
Networked systems
Overview
Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject...
authentication
browser security
certificate
certificate pinning
communication
cyberattack
dane
data security
digital certificates
encryption
mitm attack
network notary
network security
privacy
ssl
systems affected
threat mitigation
tls
vulnerability
web security