Resource Summary
PKI
- X.509
- Certificate Encode
- PEM:Privacy Enhanced Mail
- DER:Distinguished Encoding Rules
- Certificate Extension Name
- CRT
- PEM
- CER
- KEY
- PFX/P12
- JKS
- CSR: Certificate Signing Request
- `openssl` command
- Generate a self-signed certificate
- `openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem`
- Generate CSR
- `openssl req -newkey rsa:2048 -new -nodes -keyout my.key -out my.csr`
- Display the Certificate Information
- PEM
- `openssl x509 -in certificate.pem -text -noout`
- DER
- `openssl x509 -in certificate.der -inform der -text -noout`
- Digital Certificate, or Public Key Certificate
- Public Key + Owner Information + Digital Signature Signed by CA
- Structure
- Abstract Syntax Notation One (ASN.1): describes the structure
- ASN.1 serves the same purpose as a DTD or an XSD might serve in an XML context
- TOP level
- version
- serialNumber
- signature
- Signed by a CA
- Self-signed for testing
- object identifier (OID)
- MD5withRSA: 1.2.840.113549.1.1.4 = 2A 86 48 86 F7 0D 01 01 04
- SHA-1withRSA: 2A 86 48 86 F7 0D 01 01 05
- issuer
- Distinguished Name
- validity
- subject
- subjectPublicKeyInfo
- issuerUniqueID
- subjectUniqueID
- extensions
- CA
Notes:
- The CA signs the digital certificate
- RA
- VA
- Use Cases
- SSL(TLS)
- SAML
- Software Licence
- PDF signature
- SSH
- Algorithms
- private key cryptography
- DES, Data Encryption Standard
- AES, Advanced Encryption Standard (128, 192, 256)
- RC4
- IDEA
- public key cryptography
- RSA (Rivest, Shamir, Adleman): key lengths > 768 bits have not been cracked, so 1024 bits gives basic security and 2048 bits is more secure
- DSA, Digital Signature Algorithm: signatures only
- Diffie-Hellman: key exchange only
- ECC, Elliptic curve cryptography
- Digest Algorithm
- SHA, Secure Hash Algorithm
- SHA-1 : 160-bit
- SHA-2: SHA-256: 256-bit
- MD5, Message-Digest Algorithm 5
- CRC, Cyclic Redundancy Check