null
US
Sign In
Sign Up for Free
Sign Up
We have detected that Javascript is not enabled in your browser. The dynamic nature of our site means that Javascript must be enabled to function properly. Please read our
terms and conditions
for more information.
Next up
Copy and Edit
You need to log in to complete this action!
Register for Free
8704000
PKI
Description
PKI
No tags specified
pki
information technology
Mind Map by
Xin Meng
, updated more than 1 year ago
More
Less
Created by
Xin Meng
over 7 years ago
399
2
0
Resource summary
PKI
X.509
Certificate Encode
PEM:Privacy Enhanced Mail
DER:Distinguished Encoding Rules
Certificate Extension Name
CRT
PEM
CER
KEY
PFX/P12
JKS
CSR: Certificate Signing Requst
`openssl` command
Generate self-sign certificate
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
Generate CSR
openssl req -newkey rsa:2048 -new -nodes -keyout my.key -out my.csr
Display the Certificate Information
PEM
openssl x509 -in certificate.pem -text -noout
DER
openssl x509 -in certificate.der -inform der -text -noout
Digital Certificate? or Public Key Certificate
Public Key + Owner Information + Digital Signature Signed by CA
Structure
Abstract Syntax Notation (ASN): describe the structure
ASN serves the same purpose as a DTD or an XSD might serve in an XML context
TOP level
version
serialNumber
signature
CA sign
Self-sign for test
object identifier (OID)
MD5withRSA: 1.2.840.113549.1.1.4 = 2A 86 48 86 F7 0D 01 01 04
SHA-1withRSA: 2A 86 48 86 F7 0D 01 01 05
issuer
Distinguished Name
validity
subject
subjectPublicKeyInfo
issuerUniqueID
subjectUniqueID
extensions
CA
Annotations:
CA sign the Digital certificate
RA
VA
Use Cases
SSL(TLS)
SAML
Software Licence
PDF signature
SSH
Algorithms
private key cryptography
DES,Data Encryption Standard
AES, Advanced Encryption Standard (128,192, 256)
RC4
IDEA
public key cryptography
RSA, Rivest, Shamir, Adleman: length>768 has not been cracked. So 1024 basic security and 2018 is more security
Digital Signature Algorithm, DSA, Only signature
Diffie-Hellman: Only for exchange key
ECC, Elliptic curve cryptography
Digest Algorithm
SHA Secure Hash Algorithm
SHA-1 : 160-bit
SHA-2: SHA256: 256-bit
MD5 Message-Digest Algorithm 5
CRC Cyclic Redundancy Check
Media attachments
4e5f4264 Ae06 4624 Bc13 4387fba238de (image/png)
Selection 003 (image/png)
Selection 004 (image/png)
Selection 005 (image/png)
Selection 006 (image/png)
Selection 007 (image/png)
Show full summary
Hide full summary
Want to create your own
Mind Maps
for
free
with GoConqr?
Learn more
.
Similar
CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002
Browse Library