March 14, 2019
One of the key parts of Cert Central is the push command. The purpose of this command is to enable developers to publish their public keys associated to their account.
Anyone could submit any public key, however CertCentral extracts the public key after verifying a digital signature from a
ccc push command list all the certificates in the certificate store
CurrentUser\Personal that satisfy the
Code Sigining EKU requirements. Selecting a certificate will start a dialog with the server:
Any user who trust in the CertCentral registry can search and download certificates based in a url like:
Note how the
usernameparameter to make the link between the cert and the github account explicit
To add the certificate to the
LocalMachine\TrustedPeople with a single command execute
ccc trust -u ridomin -t 728511CC02E6A80B45ABC0CC862FEF1BFD9617D7
CertCentral only stores public keys when there is a valid signature to guarantee private key ownership.
Written by Rido, a PM working in Azure and IoT from Redmond. I rarely tweet