Current location - Quotes Website - Personality signature - What are the suffixes of public key, private key and certificate in SSL?
What are the suffixes of public key, private key and certificate in SSL?
SSL certificate suffix

CSR-–A certificate signing request, that is, a certificate signing request, is not a certificate, but an application for obtaining a signed certificate from an authoritative certificate authority. Its core content is a public key (and of course some other information). When this application is generated, it will also generate a private key, which should be kept by itself. Friends who have done iOS APP should know how to apply for Apple's developer certificate.

KEY- usually used to store RSA public key or private key instead of X.509 certificate. The code is the same, and it may be PEM or DER.

CRT- CRT should be the three letters of the certificate, which actually means the certificate. It is very common in *NIX system, which may be PEM code or DER code, and most of them should be PEM code. The CRT format provided by this site is equivalent to CER and PEM.

PEM- abbreviation for privacy enhanced email, stored as text. Open the text format, starting with "-begin …" and ending with "-end …", and the content is coding. Check the information of PEM format certificate: OpenSSL x509-in certificate. PEM-text-noout Apache and *NIX servers prefer to use this encoding format.

CER- or certificate, or certificate, is very common in Windows system. It may also be PEM code or DER code, and most of them should be DER codes.

DER-–Abbreviations that distinguish coding rules are stored in binary, and the file structure cannot be previewed directly. Check the certificate information in der format: OpenSSL X509-in certificate. Der-Informer-text-noout Java and Windows servers prefer to use this encoding format.

PFX/p12–the predecessor of PKCS #12, CRT and KEY are usually stored in different files for *nix server, but IIS of Windows saves them in a pfx file (so this file contains certificate and private key). Is this not safe? I don't think so. PFX usually has an "extract password". If you want to read the content, it requires you to provide the extraction password. The time code used by PFX, how to convert PFX into PEM code?

JKS-that is, Java key storage, which is a patent of Java and has little to do with OpenSSL. Using a tool called "keytool" in Java, you can convert PFX into JKS. Of course, keytool can also generate JKS directly.

Related articles
  • Will Ping An Bank be sued for signing an electronic contract?
  • Is the Black Golden Falcon collectible?
  • The most powerful military academy in Shijiazhuang
  • What are some meaningful short signatures?
  • Enthusiastic male fans kissed Zhang Zhenlin's face. He really kissed, jumped up and kissed. Is he very popular?
  • What kind of signature attracts women?
  • How to make the attendance sheet?
  • Describe the similarities and differences between digital signature and message digest algorithm.
  • What does the sign on the bank card mean?
  • Personal signature about family.

    • copyright 2024 Quotes Website All rights reserved