Private keys and certificates can be stored in a variety of formats, which means that you’ll often need to convert them from one format to another. The most common formats are:

Binary (DER) certificate

Contains an X.509 certificate in its raw form, using DER ASN.1 encoding.

ASCII (PEM) certificate(s)

Contains a base64-encoded DER certificate, with -----BEGIN CERTIFICATE----- used as the header and -----END CERTIFICATE----- as the footer.

Binary (DER) key

Contains a private key in its raw form, using DER ASN.1 encoding. OpenSSL creates keys in its own traditional (SSLeay) format. There’s also an alternative format called PKCS#8 (defined in RFC 5208), but it’s not widely used. OpenSSL can convert to and from PKCS#8 format using the pkcs8 command.

ASCII (PEM) key

Contains a base64-encoded DER key, sometimes with additional metadata (e.g., the algorithm used for password protection).

PKCS#7 certificate(s)

A complex format designed for the transport of signed or encrypted data, defined in RFC 2315. It’s usually seen with .p7b and .p7c extensions and can include the entire certificate chain as needed. This format is supported by Java’s keytool utility.

PKCS#12 (PFX) key and certificate(s)

A complex format that can store and protect a server key along with an entire certificate chain. It’s commonly seen with .p12 and .pfx extensions. This format is commonly used in Microsoft products, but is also used for client certificates. These days, the PFX name is used as a synonym for PKCS#12, even though PFX referred to a different format a long time ago (an early version of PKCS#12). It’s unlikely that you’ll encounter the old version anywhere.

Key and Certificate Conversion的更多相关文章

  1. 【Azure 环境】把OpenSSL生产的自签名证书导入到Azure Key Vault Certificate中报错

    问题描述 通过本地生成的自签名证书导入到Azure Key Vault Certificate报错. 错误信息 the specified PEM X.509 certificate content ...

  2. 【Azure Developer - 密钥保管库 】使用 Python Azure SDK 实现从 Azure Key Vault Certificate 中下载证书(PEM文件)

    问题描述 在Azure Key Vault中,我们可以从Azure门户中下载证书PEM文件到本地. 可以通过OpenSSL把PFX文件转换到PEM文件.然后用TXT方式查看内容,操作步骤如下图: Op ...

  3. openssl - cookbook

    1.openssl 2.Testing 3.Best Practices last 1.openssl 1.1.Key and Cerificate Management Run a web serv ...

  4. Certificate Formats | Converting Certificates between different Formats

    Different Platforms & Devices requires SSL certificates in different formatseg:- A Windows Serve ...

  5. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)

    之前没接触过证书加密的话,对证书相关的这些概念真是感觉挺棘手的,因为一下子来了一大堆新名词,看起来像是另一个领域的东西,而不是我们所熟悉的编程领域的那些东西,起码我个人感觉如此,且很长时间都没怎么搞懂 ...

  6. Conversion Operators in OpenCascade

    Conversion Operators in OpenCascade eryar@163.com Abstract. C++ lets us redefine the meaning of the ...

  7. [转载]iOS Provisioning Profile(Certificate)与Code Signing详解

    原文:http://blog.csdn.net/phunxm/article/details/42685597 引言 关于开发证书配置(Certificates & Identifiers & ...

  8. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)[zz]

    openssl dgst –sign privatekey.pem –sha1 –keyform PEM –c c:\server.pem 将文件用sha1摘要,并用privatekey.pem中的私 ...

  9. iOS Provisioning Profile(Certificate)与Code Signing详解

    引言 关于开发证书配置(Certificates & Identifiers & Provisioning Profiles),相信做 iOS 开发的同学没少被折腾.对于一个 iOS ...

随机推荐

  1. SCRM从入门到精通01

    [SCRM从入门到精通01]如何基于微信开放接口开发企业的微信CRM? 业内一直都在传说微信是天生的CRM,可是没有人看到过微信CRM的真容.随着微信最新公众平台的改版和开放接口的微信认证开放,微信C ...

  2. UIWebview加载H5界面侧滑返回上一级

    一.UIWebview的发现 问题发现:当UIWebview王深层次点击的时候,返回时需要webView执行goBack方法一级一级返回,这样看到的webView只是在该界面执行刷新,并看不到类似iO ...

  3. AsyncHttpClien访问网络案例分析

    Android数据存储的四种方式分别是:SharedPreferences存储.File文件存储.Network网络存储和sqlite数据库存储,网络存储需要使用AsyncHttpClient发送请求 ...

  4. FastJson处理Map List 对象

     Fastjson是一个Java语言编写的高性能功能完善的JSON库. Fastjson是一个Java语言编写的JSON处理器,由阿里巴巴公司开发. 1.遵循http://json.org标准,为其官 ...

  5. (C)结构数组

    结构数组 对于大小相同但是类型不同的数组,定义结构体数组对其很有帮组.例如: char *keyword[NKEYS]; int keycount[NKEYS]; 这两个数组大小相同,因此 可以用另一 ...

  6. luoguP3066 [USACO12DEC]逃跑的BarnRunning

    luoguP3066 [USACO12DEC]逃跑的BarnRunning 题目大意 给定一棵n个节点的树和参数L,查询每个节点子树中到达该节点距离<=L的数量(包括该节点) 偏模板的主席树 P ...

  7. koa-bodyparser返回413状态码的问题

    413 Request Entity Too Large(请求实体太大) 数日前,我用 node.js 写的一个日志服务抛出了这个状态码-- 自己写的服务抛出了一个自己都不认识的状态码,这是最气的!( ...

  8. oracle-数据库的各种-锁-详解

    数据库是一个多用户使用的共享资源.当多个用户并发地存取数据时,在数据库中就会产生多个事务同时存取同一数据的情况.若对并发操作不加控制就可能会读取和存储不正确的数据,破坏数据库的一致性. 如果是单用户的 ...

  9. 蓝色科技AE宣传片头光晕视频

    蓝色科技AE宣传片头光晕视频素材,蓝色AE炫光素材,科技AE片头,精美,AE特效,绚丽,AE模板,视频素材,动画. 地址:http://www.huiyi8.com/xuanguang/ae/

  10. h5打电话发短信写邮件怎么实现

    // 一.打电话<a href="tel:0755-10086">打电话给:0755-10086</a> // 二.发短信,winphone系统无效< ...