Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | |||
| technical:openssl_usage_notes [2019/11/15 08:33] – bob | technical:openssl_usage_notes [2021/10/14 19:46] (current) – bob | ||
|---|---|---|---|
| Line 22: | Line 22: | ||
| | sign | Calculate a secure hash and encrypt hash with issuer' | | sign | Calculate a secure hash and encrypt hash with issuer' | ||
| | subject | The entity (person or organization) described in the cert | | | subject | The entity (person or organization) described in the cert | | ||
| + | |||
| + | ==== File Types ==== | ||
| + | |||
| + | | .pem | Stands for PEM, Privacy Enhanced Mail; it simply indicates a base64 encoding with header and footer lines. Mail traditionally only handles text, not binary which most cryptographic data is, so some kind of encoding is required to make the contents part of a mail message itself (rather than an encoded attachment). The contents of the PEM are detailed in the header and footer line - .pem itself doesn' | ||
| + | | .key | Can be any kind of key, but usually it is the private key - OpenSSL can wrap private keys for all algorithms (RSA, DSA, EC) in a generic and standard PKCS#8 structure, but it also supports a separate ' | ||
| + | | .crt or .cer | Stands simply for certificate, | ||
| + | | .csr or .req | Stands for Certificate Signing Request as defined in PKCS#10; it contains information such as the public key and common name required by a Certificate Authority to create and sign a certificate for the requester, the encoding could be PEM or DER (which is a binary encoding of an ASN.1 specified structure) | | ||
| + | |||
| ===== Important OpenSSL Commands and Options ===== | ===== Important OpenSSL Commands and Options ===== | ||