X.509: Difference between revisions
Jump to navigation
Jump to search
Line 56: | Line 56: | ||
==X509 extensions== | ==X509 extensions== | ||
===X509 Basic Constraints=== |
Revision as of 17:20, 8 April 2018
External
Internal
Overview
X.509 is a ITU-T standard for a public key infrastructure (PKI).
X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation algorithm.
X.509 is a common certificate format that can be managed by JDK's keytool.
Certificate Structure
Certificate: Data: Version: 3 (0x2) Serial Number: b9:f4:0a:47:fa:79:78:29 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, L=Menlo Park, O=Nova Ordis LLC, CN=test.novaordis.com Validity Not Before: Apr 8 08:49:35 2018 GMT Not After : Apr 8 08:49:35 2019 GMT Subject: C=US, L=Menlo Park, O=Nova Ordis LLC, CN=test.novaordis.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:ab:8f:f6:2f:f1:4b:63:c6:ed:ea:8f:25:30: [...] Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:DA:94:80:CE:E8:61:DA:CA:15:85:97:A8:D8:A1:E4:37:A7:5A:9D X509v3 Authority Key Identifier: keyid:B2:DA:94:80:CE:E8:61:DA:CA:15:85:97:A8:D8:A1:E4:37:A7:5A:9D X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha256WithRSAEncryption 3d:8f:9f:3b:8a:9a:39:36:d2:13:cb:85:de:d0:92:6e:36:1f: [...]