How to secure Internet Servers with X.509 Client Certificates? How to deploy X.509 Client Certificates ? How does a Certificate Signing Request (CSR) work ? In this hands-on video we will run a little nodejs Server that requests Authentication with an X.509 Client Certificate, we will Sandbox a CSR with XCA and we will have a look at OpenXPKI which is a great Software to automate processes around TLS and Certificate Generation, Key Management and the like. Last but not least I show a Blueprint on how to securely link a hosted MQTT into your home automation Software.
The XCA Tool can be obtained here: https://hohnstaedt.de/xca/
More Info on my Cheat Sheet Repo here: https://github.com/onemarcfifty/cheat-sheets/tree/main/Certificates
The nodejs Server Example is on my github: https://github.com/onemarcfifty/client-cert-test
0:00 The use case
1:27 Get the Demo Server from my Github repo
4:20 How to generate client certificates
5:37 How secure is this?
8:04 How to deploy client certificates
9:16 Certificate Signing requests (CSR)
12:45 OpenXPKI
14:10 A blue print for a secure MQTT / Home Automation App
YouTube: https://www.youtube.com/c/onemarcfifty
Twitter: https://twitter.com/onemarcfifty
Discord: https://discord.com/invite/DXnfBUG
Github: https://github.com/onemarcfifty
Patreon: https://patreon.com/onemarcfifty
Blog: https://www.onemarcfifty.com