Difference between revisions of "OS4X Core - list of support certificate formats"
Jump to navigation
Jump to search
Line 19: | Line 19: | ||
=== Support in OS4X === | === Support in OS4X === | ||
'''This file format is the main format used in OS4X''', used in several places: | '''This file format is the main format used in OS4X''', used in several places: | ||
− | *TLS server and client certificate | + | *TLS server and client certificate (PEM format is expected; according to every automatism generated on the fly) |
− | *trusted certificates | + | *trusted certificates (automatic conversion into this format is implemented for DER and PKCS#7) |
− | *partner certificates (used for en-/decryption and signature [verification] processes) | + | *partner certificates (used for en-/decryption and signature [verification] processes; automatic conversion into this format is implemented for DER and PKCS#7) |
== X509v3 DER encoded certificate == | == X509v3 DER encoded certificate == |
Revision as of 12:20, 2 December 2016
Background
For handling X509v3 certificates and keys, several format exist. In general, file suffix names (such as ".cer", ".der", ".pem" or others) are only a hint of what format is included in the file, but this does not neccessarily mean that the format is really represendeted in the file itself. So, when dealing with several file formats, you will have to determine which certificate format is really included in the file.
This is a list of supported certificate formats which OS4X can deal with:
X509v3 PEM encoded certificate
Suffixes known
- .cer
- .cert
- .pem
Description
This format is an ASCII, textual representation of a BASE64 encoded certificate format. The content is readable in a text editor. The file has a header and footer line:
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Support in OS4X
This file format is the main format used in OS4X, used in several places:
- TLS server and client certificate (PEM format is expected; according to every automatism generated on the fly)
- trusted certificates (automatic conversion into this format is implemented for DER and PKCS#7)
- partner certificates (used for en-/decryption and signature [verification] processes; automatic conversion into this format is implemented for DER and PKCS#7)