Private keys and certificates can be stored in a variety of formats, which means that you’ll often need to convert them from one format to another. The most common formats are:

Binary (DER) certificate

Contains an X.509 certificate in its raw form, using DER ASN.1 encoding.

ASCII (PEM) certificate(s)

Contains a base64-encoded DER certificate, with -----BEGIN CERTIFICATE----- used as the header and -----END CERTIFICATE----- as the footer.

Binary (DER) key

Contains a private key in its raw form, using DER ASN.1 encoding. OpenSSL creates keys in its own traditional (SSLeay) format. There’s also an alternative format called PKCS#8 (defined in RFC 5208), but it’s not widely used. OpenSSL can convert to and from PKCS#8 format using the pkcs8 command.

ASCII (PEM) key

Contains a base64-encoded DER key, sometimes with additional metadata (e.g., the algorithm used for password protection).

PKCS#7 certificate(s)

A complex format designed for the transport of signed or encrypted data, defined in RFC 2315. It’s usually seen with .p7b and .p7c extensions and can include the entire certificate chain as needed. This format is supported by Java’s keytool utility.

PKCS#12 (PFX) key and certificate(s)

A complex format that can store and protect a server key along with an entire certificate chain. It’s commonly seen with .p12 and .pfx extensions. This format is commonly used in Microsoft products, but is also used for client certificates. These days, the PFX name is used as a synonym for PKCS#12, even though PFX referred to a different format a long time ago (an early version of PKCS#12). It’s unlikely that you’ll encounter the old version anywhere.

Key and Certificate Conversion的更多相关文章

  1. 【Azure 环境】把OpenSSL生产的自签名证书导入到Azure Key Vault Certificate中报错

    问题描述 通过本地生成的自签名证书导入到Azure Key Vault Certificate报错. 错误信息 the specified PEM X.509 certificate content ...

  2. 【Azure Developer - 密钥保管库 】使用 Python Azure SDK 实现从 Azure Key Vault Certificate 中下载证书(PEM文件)

    问题描述 在Azure Key Vault中,我们可以从Azure门户中下载证书PEM文件到本地. 可以通过OpenSSL把PFX文件转换到PEM文件.然后用TXT方式查看内容,操作步骤如下图: Op ...

  3. openssl - cookbook

    1.openssl 2.Testing 3.Best Practices last 1.openssl 1.1.Key and Cerificate Management Run a web serv ...

  4. Certificate Formats | Converting Certificates between different Formats

    Different Platforms & Devices requires SSL certificates in different formatseg:- A Windows Serve ...

  5. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)

    之前没接触过证书加密的话,对证书相关的这些概念真是感觉挺棘手的,因为一下子来了一大堆新名词,看起来像是另一个领域的东西,而不是我们所熟悉的编程领域的那些东西,起码我个人感觉如此,且很长时间都没怎么搞懂 ...

  6. Conversion Operators in OpenCascade

    Conversion Operators in OpenCascade eryar@163.com Abstract. C++ lets us redefine the meaning of the ...

  7. [转载]iOS Provisioning Profile(Certificate)与Code Signing详解

    原文:http://blog.csdn.net/phunxm/article/details/42685597 引言 关于开发证书配置(Certificates & Identifiers & ...

  8. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)[zz]

    openssl dgst –sign privatekey.pem –sha1 –keyform PEM –c c:\server.pem 将文件用sha1摘要,并用privatekey.pem中的私 ...

  9. iOS Provisioning Profile(Certificate)与Code Signing详解

    引言 关于开发证书配置(Certificates & Identifiers & Provisioning Profiles),相信做 iOS 开发的同学没少被折腾.对于一个 iOS ...

随机推荐

  1. UITextView的一些技巧

      1.在指定位置插入字符串:   NSMutableString *TextViewStr=[[NSMutableString alloc] initWithString:TextView.text ...

  2. lodash (js实用工具库)

    是什么? 它提供了一整套函数式编程的实用功能, 并且支持模块化, 比underscore更优秀. 文档? http://lodashjs.com/docs/ 引用? <script src=&q ...

  3. SQL语法之初级增删改查

    SQL语法之初级增删改查 1.增 1.1插入单行 INSERT INTO [表名](列名) VALUES(列值) 语法如下: INSERT INTO bsp_Nproductclass(guid,pi ...

  4. image auto fix the View

    image: { flex: 1, width: null, height: null, resizeMode: 'contain' }

  5. linux内核 RCU机制详解【转】

    本文转载自:https://blog.csdn.net/xabc3000/article/details/15335131 简介 RCU(Read-Copy Update)是数据同步的一种方式,在当前 ...

  6. POJ2104 K-th Number (子区间内第k大的数字)【划分树算法模板应用】

    K-th Number Time Limit: 20000MS   Memory Limit: 65536K Total Submissions: 40920   Accepted: 13367 Ca ...

  7. utf8_general_ci和utf8_unicode_ci的比较

    看到很多数据库的设计对于中文字符都是选择选用utf8_general_ci而非utf8_unicode_ci utf8_general_ci和utf8_unicode_ci的区别并不大:utf8_un ...

  8. html5--1.7超链接上

    html5--1.7超链接上 一.超链接的5种形式 <!DOCTYPE html> <html lang="en"> <head> <me ...

  9. 分享知识-快乐自己:全面解析 java注解实战指南

    请你在看这篇文章时,不要感到枯燥,从头到尾一行行看,代码一行行读,你一定会有所收获的. 问: 为什么学习注解? 学习注解有什么好处? 学完能做什么? 答: 1):能够读懂别人的代码,特别是框架相关的代 ...

  10. IDEAL葵花宝典:java代码开发规范插件 (maven helper)解决maven 包冲突的问题

    小编说到: 在我们日常开发当中常常我们会遇到JAR包冲突.找来找去还找不到很是烦人.那么所谓的JAR包冲突是指的什么那?JAR包冲突就是-引入的同一个JAR包却有好几个版本. 例如: 项目中引用了两个 ...