User Tools

Site Tools


ubuntu:certificates:certificate_types

Ubuntu - Certificates - Certificate Types

Common filename extensions for X.509 certificates are:

Filename ExtensionDescription
.pemPrivacy-enhanced Electronic Mail. Base64 encoded DER certificate, enclosed between “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–“
.cer, .crt, .derUsually in binary DER form, but Base64-encoded certificates are common too (see .pem above)
.p7b, .p7cPKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
.p12PKCS#12, may contain certificate(s) (public) and private keys (password protected)
.pfxPFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS)
  • PKCS#7 is a standard for signing or encrypting (officially called “enveloping”) data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A .P7C file is a degenerated SignedData structure, without any data to sign.[citation needed]
  • PKCS#12 evolved from the personal information exchange (PFX) standard and is used to exchange public and private objects in a single file.
ubuntu/certificates/certificate_types.txt · Last modified: 2020/07/15 09:30 by 127.0.0.1

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki