How to make File extensions in Windows Explorer visible

For Windows 10 and 11, the file extensions are hidden by default. In Windows 11 open View in the toolbar and scroll down to Show and choose File name extensions.

The file extension is often used to identify the format of a file. For example: name.txt indicates a text file. Modern Windows versions do not know the limitation of file names, like the 8.3 convention known by MS-DOS (8 characters file name, 3 characters extension). In Windows 10, the default setting is that all extensions known to the system are hidden in Explorer. This fact is exploited by various malware programs. To make the file extension visible, go to the Explorer options in the Control Panel, or call up File Explorer Options directly.

File extensions for known file types

In Windows 10 explorer ribbon click the checkbox File name extensions or click the options button in the view tab to open File Explorer Options.

Alternatively, there is the option of calling the MMC console directly.

In the File Explorer Options, the setting for file extensions can be hidden or displayed in the View Tab.

Uncheck Hide extensions for known file types and click OK. Any files are now displayed with extensions.

Windows 11 Show File name extensions

In Windows 11 it has become easier, in the explorer open View in the toolbar and scroll down to Show and choose File name extensions.

The filename extensions with type for all files in Windows 11 File Explorer will now displayed.

  With regard to system security, the visibility of the file extensions is also recommended, as malware and Trojans are less able to hide because the extension identifies the type and which program the file is associated with.

  A related post here that might also interest you!

Common filename extensions

Many operating systems do not limit filenames to one extension shorter than 4 characters. It as was common with some operating systems that supported the File Allocation Table (FAT) file system. Operating systems that do not impose this limit include Unix-like systems, and Microsoft Windows NT, 95-98, and ME. Which have no three character limit on extensions for 32-bit or 64-bit applications on file systems other than pre-Windows 95 and Windows NT 3.5 versions of the FAT file system. Some filenames are given extensions longer than three characters. While MS-DOS and NT always treat the suffix after the last period in a file’s name as its extension, in UNIX-like systems. The final period does not necessarily mean that the text after the last period is the file’s extension.

This is a list of common Windows file name extensions, organized by type.

Installing the Lets Encrypt certificate using Win-ACME v2 on Windows Server.

Let’s Encrypt is an issuer of free SSL certificates, went into operation at the end of 2015. The CA certification authority for free certificates enjoys great popularity, initially for Linux, it is now also available for Windows. Win-ACME 2 can also largely automate the management of SSL/TLS certificates.

How to Install Win-ACMEv2

As with the previous version, the current version is a command-line tool with menus, so that it can also be run under Server Core. win-acme is started by calling wacs.exe.

Request Lets Encrypt Certificate

When you interactively request a certificate with win-acme via Simple Mode, the process is largely the same as with the previous version 1. This example runs Win-ACME 2 on a Windows Server 2019 with the IIS role.

To verify the domain, this is where the binding is configured from the Internet Information Services (IIS) Manager – InetMgr.exe.

Run win-acme on Windows Server to create certificate

After running wacs.exe select the option No to create a new certificate with the default settings. win-acme searches for the bindings in the IIS. If no bindings are configured, win-acme cancels the operation.

In the next step, you select the IIS website for which you want to request and issue the certificate.

The next step is to decide whether to use all bindings or only specific IIS Web sites. In the second case, you select them via a filter.

win-acme http-01 method

After further confirmation, the certificate request starts. To verify the authority of the domain, win-acme uses the http-01 method. The client receives a token from Let’s Encrypt, which it writes to a file on the local server, which is then read out by Let’s Encrypt.

  Let’s Encrypt expects to read the token from the file via HTTP. Therefore, win-acme on the firewall requires the release for port 80 to the server.

win-acme certificate is located in certificate store

The certificate is located in the server’s certificate store after the operation completes successfully. In addition, win-acme stores the certificate in PEM and PFX format under the following path.

C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org

The authority of the domain for which you request a certificate must be proven not only at the initial issuance, but also every 3 months for the renewal of the certificate.

In most common situations, it is not desirable for a server to be permanently accessible from the Internet only to request a certificate without protection on port 80. Here the use of a proxy or a temporary port release should be considered.

win-acme DNS-01 method

To bypass the passing of port 80 on the firewall, there is the option to change the challenge instead of http-01. DNS-01. Particularly it is useful where the token is entered as a TXT record in the DNS.

_acme-challenge.<MEINE_DOMAIN>

This method also has the advantage that wildcard certificates can be issued. The prerequisite for DNS-01 is of course that the domain in question is hosted externally. And is therefore accessible for Let’s Encrypt.