PKI Certificate Tutorials - Herong's Tutorial Examples
∟PKCS7 Certificate Chain File
This chapter provides a quick introduction of the PKCS7 certificate chain file. Topics include introduction of PKCS7 file format; creating PKCS7 file with a single certificate or a certificate chain, and converting PKCS12 file to PEM bundle using OpenSSL.
What Is PKCS7 File Format
"openssl crl2pkcs7 -nocrl" - PKCS7 Certificate File
"openssl crl2pkcs7 -nocrl" - PKCS7 Certificate Chain
ASN.1 Data Structure of PKCS7 File
Takeaways:
- PKCS7 file can be used to store multiple signed and/or encrypted data items,
including certificates and CRL (Certificate Revocation List) in a single file.
- PKCS7 file is commonly used to store a certificate chain.
- "openssl crl2pkcs7 -nocrl" command can be used
to build a PKCS7 file with a single certificate,
a certificate chain, or a list of any certificates.
- "openssl pkcs7 -outForm PEM" command can be used
to convert a PKCS7 file into a PEM certificate bundle.
- Commonly used file extensions for PKCS7 files are
*.p7b, *.p7c, and *.p7r.
Table of Contents
About This Book
Introduction of PKI (Public Key Infrastructure)
Introduction of PKI Certificate
PKI Certificate File Formats
OpenSSL - Cryptography Toolkit
"openssl ca" - CA (Certificate Authority) Tool
Java "keytool" Commands and KeyStore Files
PKI Certificate Store
PKCS12 Certificate Bundle File
►PKCS7 Certificate Chain File
PKI Certificate Related Terminology
References
Full Version in PDF/EPUB