PEM (Privacy Enhanced Mail) Encoding

The moPEM (Privacy Enhanced Mail) Encoding

The most commonly used encoding schema for X.509 certificate files is the PEM (Privacy Enhanced Mail) encoding.

Here is the definition of PEM on wikipedia.com: "Privacy Enhanced Mail (PEM), is an early IETF proposal for securing email using public key cryptography. Although PEM became an IETF proposed standard it was never widely deployed or used.

The full specification of PEM is in RFC 1421. But the idea of PEM encoding on X.509 certificates is very simple:

  • Encode the content with Base64 encoding.
  • Enclose the Base64 encoding output between two lines: "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"

Here is a structural sample of a PEM encoded X.509 certificate:

-----BEGIN CERTIFICATE-----

MIIDODCCAvagAwIBAgIERqplETALBgcqhkjOOAQDBQAwfzELMAkGA1UE...

...

Cgfs2kXj/IQCFDC5GT5IrLTIFxAyPUo1tJo2DPkK

-----END CERTIFICATE-----

PEM encoded certificate files are supported by almost all applications. "OpenSSL" and "keytool" support PEM encoded certificate files with no problem. See other sections below for test notes.st commonly used encoding schema for X.509 certificate files is the PEM (Privacy Enhanced Mail) encoding.

Here is the definition of PEM on wikipedia.com: "Privacy Enhanced Mail (PEM), is an early IETF proposal for securing email using public key cryptography. Although PEM became an IETF proposed standard it was never widely deployed or used.

The full specification of PEM is in RFC 1421. But the idea of PEM encoding on X.509 certificates is very simple:

  • Encode the content with Base64 encoding.
  • Enclose the Base64 encoding output between two lines: "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"

Here is a structural sample of a PEM encoded X.509 certificate:

-----BEGIN CERTIFICATE-----

MIIDODCCAvagAwIBAgIERqplETALBgcqhkjOOAQDBQAwfzELMAkGA1UE...

...

Cgfs2kXj/IQCFDC5GT5IrLTIFxAyPUo1tJo2DPkK

-----END CERTIFICATE-----
 
PEM encoded certificate files are supported by almost all applications. "OpenSSL" and "keytool" support PEM encoded certificate files with no problem. See other sections below for test notes.

PEM (Privacy Enhanced Mail) Encoding的更多相关文章

  1. Privacy-Enhanced Mail (PEM) Privacy Enhancement for Internet Electronic Mail

    小结 1. 加密基本流程 本地格式标准格式认证(填充与完整性检查)与加密可打印编码 Privacy-Enhanced Mail (PEM) RFC 2313 - PKCS #1: RSA Encryp ...

  2. 加密学教程(Cryptography Tuturials)文件夹

    加密学教程(Cryptography Tuturials) 太阳火神的漂亮人生 (http://blog.csdn.net/opengl_es) 本文遵循"署名-非商业用途-保持一致&quo ...

  3. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)

    之前没接触过证书加密的话,对证书相关的这些概念真是感觉挺棘手的,因为一下子来了一大堆新名词,看起来像是另一个领域的东西,而不是我们所熟悉的编程领域的那些东西,起码我个人感觉如此,且很长时间都没怎么搞懂 ...

  4. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)[zz]

    openssl dgst –sign privatekey.pem –sha1 –keyform PEM –c c:\server.pem 将文件用sha1摘要,并用privatekey.pem中的私 ...

  5. 关于x509、crt、cer、key、csr、pem、der、ssl、tls 、openssl等

    关于x509.crt.cer.key.csr.pem.der.ssl.tls .openssl等 TLS:传输层安全协议 Transport Layer Security的缩写 TLS是传输层安全协议 ...

  6. RSA私钥和公钥文件格式 (pkcs#1, pkcs#8, pkcs#12, pem)

    RSA私钥和公钥文件格式 (pkcs#1, pkcs#8, pkcs#12, pem) 2018年03月07日 11:57:22 阅读数:674 Format Name Description PKC ...

  7. OpenSSL使用2(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12概念说明)(转)

    SSL SSL - Secure Sockets Layer,现在应该叫"TLS",但由于习惯问题,我们还是叫"SSL"比较多.http协议默认情况下是不加密内 ...

  8. How to convert .crt to .pem [duplicate]证书转化

    openssl x509 -in mycert.crt -out mycert.pem -outform PEM openssl x509 -inform DER -in yourdownloaded ...

  9. 那些证书相关的玩意儿(SSL,X.509,PEM,DER,CRT,CER,KEY,CSR,P12等)(使用OpenSSL的命令行)

    之前没接触过证书加密的话,对证书相关的这些概念真是感觉挺棘手的,因为一下子来了一大堆新名词,看起来像是另一个领域的东西,而不是我们所熟悉的编程领域的那些东西,起码我个人感觉如此,且很长时间都没怎么搞懂 ...

随机推荐

  1. 在linux下配置静态IP

    在终端中输入:vi /etc/sysconfig/network-scripts/ifcfg-eth0   开始编辑,填写ip地址.子网掩码.网关.DNS等.其中“红框内的信息”是必须得有的.   编 ...

  2. [Tip] 如何在BeyondCompare中忽略不重要的区别.

    在使用BeyondCompare时,有时需要忽略一些不重要的区别,下面的链接教你如何通过定义语法元素来实现这个功能. http://www.scootersoftware.com/support.ph ...

  3. Linux下动态链接库 与gcc 选项

    -L 编译时查找动态链接库的路径 -lxxx(小写)  e.g -lcudart   = link libcudart.so  , -I(大写) 头文件的路径 -rpath (-R), 编译时指定链接 ...

  4. 基于nodejs实现js后端化处理

    今天D哥给我提了个问题,"用php执行过js没"?咋一听,没戏~~毕竟常规情况下,js是依赖浏览器运行的.想在php后端采集的同时利用js运行结果并传递给php使用,没戏! 然后回 ...

  5. Nginx模块开发时unknown directive "echo"的处理

    实际上,Nginx并没有echo这个指令,所以你贸然使用时,自然会提示说无法识别的指令,处理方法有两个: 方法一是: 从下面连接下载echo-nginx-module模块并安装: https://gi ...

  6. java之容器

    先来一张容器的API框架图,我们在java中所学的所有知识,都是根据下面这张图来学习的.... 容器API: 1.Collection接口------定义了存储一组对象的方法,其子接口Set和List ...

  7. MSIL 教程(三):类和异常处理(转)

    转自:http://www.cnblogs.com/Yahong111/archive/2007/08/16/857771.html 续上文[翻译]MSIL 教程(二):数组.分支.循环.使用不安全代 ...

  8. 各种UserAgent的列表

    User Agent是浏览器用于 HTTP 请求的用户代理头的值.更换User Agent能更好的模拟出不同的系统和浏览器信息. Android Name User Agent Nexus 7 (Ta ...

  9. mysql 启动错误-server PID file could not be found

    [root@centos var]# service mysqld stop MySQL manager or server PID file could not be found!       [F ...

  10. 写的一个Sass 和Compass的例子

    /*1.打开项目根目录下的 config.rb 文件 2.搜索 line_comments 关键词,默认应该是 # line_comments = false 3.去掉前面的 #,保存 config. ...