Collections:
Other Resources:
OpenSSL CSR File Structure and Components
What is the OpenSSL CSR file structure and components?
✍: FYIcenter.com
By default, CSR (Certificate Signing Request) files generated by the OpenSSL "req" command follow these rules:
1. CSR files are stored in PEM (Privacy-enhanced mail) format, which uses DER (Distinguished Encoding Rules) standard to serialize data elements into a binary string, then uses Base64 to encode the binary string into a printable character string.
2. CSR data elements follow the "RFC5967 - PKCS #10: Certification Request Syntax Specification, Version 1.7" specification.
The RFC5867, or PKCS#10, specifies that a CSR should have 3 parts:
1. "certificationRequestInfo" - Provides information of the certification request, which contains:
2. "signatureAlgorithm" - Provides what algorithm was used to generate the digital signature of the "certificationRequestInfo".
3. "signature" - Provides the digital signature of the "certificationRequestInfo", signed by the private key of the subject. The signature can be verified by the public key included in the "certificationRequestInfo".
⇒ OpenSSL "req -text" Output and CSR Components
2018-01-19, 4830🔥, 1💬
Popular Posts:
Certificate summary - Owner: www.adobe.com, IT, Adobe Systems Incorporated, L=San Jose, ST=Californi...
Certificate summary - Owner: www.mobile01.com, "Yong Sheng Technology Co., Ltd.", Web Services, L=Ta...
Certificate summary - Owner: *.vube.com, Domain Control Validated Issuer: SERIALNUMBER=07969287, Go ...
How to view detailed information of a Root CA certificate in IE? To view detailed information of a C...
How to validate a self-signed certificate using OpenSSL "verify" command? You can validate your self...