PKI Certificate Tutorials - Herong's Tutorial Examples
∟PKI Certificate File Formats
This chapter provides a quick introduction of PKI certificate file formats. Topics include ASN.1 standard; BER and DER encodings; PKI certificates in DER or PEM file formats; PKI certificate decoders and ASN.1 parsers.
What Is ASN.1 (Abstract Syntax Notation One)
What Is BER (Basic Encoding Rules)
BER Encoding Examples
ASN.1 Type Modifier - Type Tagging
What Is DER (Distinguished Encoding Rules)
PKI Certificate Structure in ASN.1 Notations
PKI Certificate in DER Format
PKI Certificate in Base64 Format
PKI Certificate in PEM Format
PKI Certificate File Viewer and Decoder
PKI Certificate File ASN.1 Parser
Takeaways:
- ASN.1 (Abstract Syntax Notation One)
is a language that provides data types and systaxes for you to define your own constructed data types.
- ASN.1 primitive data types include BOOLEAN, INTEGER, OCTET STRING, PrintableString, OBJECT IDENTIFIER, etc.
- ASN.1 constructed data types include SEQUENCE, SET, etc.
- BER (Basic Encoding Rules) allows you to serialize ASN.1 object values into byte sequences.
- DER (Distinguished Encoding Rules) includes additional rules to make encoding output unique.
- DER file format allows you to store PKI certificates as DER encoded binary strings.
- PEM (Privacy Enhanced Mail) file format uses Base64 encoding to convert DER files
into text files with delimiter lines.
- Windows/Mac computers and Web browsers allow you to view data fields decoded from certificate files.
- "openssl x509 -text" is the most popular command to decode certificate files.
Table of Contents
About This Book
Introduction of PKI (Public Key Infrastructure)
Introduction of PKI Certificate
►PKI Certificate File Formats
OpenSSL - Cryptography Toolkit
"openssl ca" - CA (Certificate Authority) Tool
Java "keytool" Commands and KeyStore Files
PKI Certificate Store
PKCS12 Certificate Bundle File
PKCS7 Certificate Chain File
PKI Certificate Related Terminology
References
Full Version in PDF/EPUB