Private keys and certificates can be stored in a variety of formats, which means that you’ll often need to convert them from one format to another. The most common formats are:

Binary (DER) certificate

Contains an X.509 certificate in its raw form, using DER ASN.1 encoding.

ASCII (PEM) certificate(s)

Contains a base64-encoded DER certificate, with -----BEGIN CERTIFICATE----- used as the header and -----END CERTIFICATE----- as the footer.

Binary (DER) key

Contains a private key in its raw form, using DER ASN.1 encoding. OpenSSL creates keys in its own traditional (SSLeay) format. There’s also an alternative format called PKCS#8 (defined in RFC 5208), but it’s not widely used. OpenSSL can convert to and from PKCS#8 format using the pkcs8 command.

ASCII (PEM) key

Contains a base64-encoded DER key, sometimes with additional metadata (e.g., the algorithm used for password protection).

PKCS#7 certificate(s)

A complex format designed for the transport of signed or encrypted data, defined in RFC 2315. It’s usually seen with .p7b and .p7c extensions and can include the entire certificate chain as needed. This format is supported by Java’s keytool utility.

PKCS#12 (PFX) key and certificate(s)

A complex format that can store and protect a server key along with an entire certificate chain. It’s commonly seen with .p12 and .pfx extensions. This format is commonly used in Microsoft products, but is also used for client certificates. These days, the PFX name is used as a synonym for PKCS#12, even though PFX referred to a different format a long time ago (an early version of PKCS#12). It’s unlikely that you’ll encounter the old version anywhere.

Key and Certificate Conversion的更多相关文章

  1. 【Azure 环境】把OpenSSL生产的自签名证书导入到Azure Key Vault Certificate中报错

    问题描述 通过本地生成的自签名证书导入到Azure Key Vault Certificate报错. 错误信息 the specified PEM X.509 certificate content ...

  2. 【Azure Developer - 密钥保管库 】使用 Python Azure SDK 实现从 Azure Key Vault Certificate 中下载证书(PEM文件)

    问题描述 在Azure Key Vault中,我们可以从Azure门户中下载证书PEM文件到本地. 可以通过OpenSSL把PFX文件转换到PEM文件.然后用TXT方式查看内容,操作步骤如下图: Op ...

  3. openssl - cookbook

    1.openssl 2.Testing 3.Best Practices last 1.openssl 1.1.Key and Cerificate Management Run a web serv ...

  4. Certificate Formats | Converting Certificates between different Formats

    Different Platforms & Devices requires SSL certificates in different formatseg:- A Windows Serve ...

  5. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)

    之前没接触过证书加密的话,对证书相关的这些概念真是感觉挺棘手的,因为一下子来了一大堆新名词,看起来像是另一个领域的东西,而不是我们所熟悉的编程领域的那些东西,起码我个人感觉如此,且很长时间都没怎么搞懂 ...

  6. Conversion Operators in OpenCascade

    Conversion Operators in OpenCascade eryar@163.com Abstract. C++ lets us redefine the meaning of the ...

  7. [转载]iOS Provisioning Profile(Certificate)与Code Signing详解

    原文:http://blog.csdn.net/phunxm/article/details/42685597 引言 关于开发证书配置(Certificates & Identifiers & ...

  8. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)[zz]

    openssl dgst –sign privatekey.pem –sha1 –keyform PEM –c c:\server.pem 将文件用sha1摘要,并用privatekey.pem中的私 ...

  9. iOS Provisioning Profile(Certificate)与Code Signing详解

    引言 关于开发证书配置(Certificates & Identifiers & Provisioning Profiles),相信做 iOS 开发的同学没少被折腾.对于一个 iOS ...

随机推荐

  1. python 基础 1.5 python 数据类型(一)--整型 浮点型 布尔型及字符串和常用方法

    一.python 数据类型:数值,字符串,列表,元组,字典.以下操作是在linux 下 ipython中进行 1.数值 1>123  与  “123”的区别 答:123为数值,“123”在pyt ...

  2. Python 进程、线程、协程、锁机制,你知多少?

    1.python的多线程到底有没有用? 2. 为什么在python里推荐使用多进程而不是多线程 3.进程.线程.协程.各种锁 4.Python多进程编程

  3. vs2013工程下的各个文件和文件夹的作用

    1 ipch文件夹 用来加速编译,里面存放的是precompiled headers,即预编译好了的头文件. 头文件也是需要编译的,比如需要处理#ifdef,需要替换宏以及需要include其它头文件 ...

  4. Cglib学习报错 java.lang.reflect.InvocationTargetException-->null

    package javacore.testForCglibProxy; import java.lang.reflect.Method; import net.sf.cglib.proxy.Enhan ...

  5. MySQL——存储引擎

    核心知识点 1.InnoDB:数据和索引存放在单独的文件,聚簇索引,行级锁,事务,MVCC 2.MyISAM: (1)缺点:不支持事务和表级锁,因为不支持表锁,锁颗粒比较大,因此适合只读和小文件. ( ...

  6. session,cookie的理解(总结)

    会话(Session)跟踪是Web程序中常用的技术,用来跟踪用户的整个会话.常用的会话跟踪技术是Cookie与Session.Cookie通过在客户端记录信息确定用户身份,Session通过在服务器端 ...

  7. Java for LeetCode 095 Unique Binary Search Trees II

    Given n, generate all structurally unique BST's (binary search trees) that store values 1...n. For e ...

  8. Ubuntu/CentOS下使用脚本自动安装 Docker

    Ubuntu.Debian 系列安装 Docker 系统要求 Docker 支持以下版本的 Ubuntu 和 Debian 操作系统: Ubuntu Xenial 16.04 (LTS) Ubuntu ...

  9. 高通MSM8255 GPS 调试分析&&Android系统之Broadcom GPS 移植【转】

    本文转载自:http://blog.csdn.net/gabbzang/article/details/12063031 http://blog.csdn.NET/dwyane_zhang/artic ...

  10. Linux内核--并发【转】

    本文转自自:http://www.jianshu.com/p/035550ae05d2 为什么会产生并发 1.多个用户同时登陆的时候,他们有可能在任何时刻以任意的组合调用内核代码. 2.smp系统可能 ...