Collections:
Other Resources:
OpenSSL CSR File Structure and Components
What is the OpenSSL CSR file structure and components?
✍: FYIcenter.com
By default, CSR (Certificate Signing Request) files generated by the OpenSSL "req" command follow these rules:
1. CSR files are stored in PEM (Privacy-enhanced mail) format, which uses DER (Distinguished Encoding Rules) standard to serialize data elements into a binary string, then uses Base64 to encode the binary string into a printable character string.
2. CSR data elements follow the "RFC5967 - PKCS #10: Certification Request Syntax Specification, Version 1.7" specification.
The RFC5867, or PKCS#10, specifies that a CSR should have 3 parts:
1. "certificationRequestInfo" - Provides information of the certification request, which contains:
2. "signatureAlgorithm" - Provides what algorithm was used to generate the digital signature of the "certificationRequestInfo".
3. "signature" - Provides the digital signature of the "certificationRequestInfo", signed by the private key of the subject. The signature can be verified by the public key included in the "certificationRequestInfo".
⇒ OpenSSL "req -text" Output and CSR Components
2018-01-19, 4961🔥, 1💬
Popular Posts:
How to create a new system certificate store using the "makecert.exe" command? Yes, "makecert.exe" c...
Certificate Summary: Subject: HydrantID Server CA O1 Issuer: IdenTrust Commercial Root CA 1 Expirati...
Certificate summary - Owner: *.soundcloud.com, Domain Control Validated, GB Issuer: GlobalSign Domai...
How can I get a X.509 certificate file to play with OpenSSL commands "x509" command? If you have no ...
Certificate summary - Owner: www.alipay.com, Organization and domain(s) authenticated by iTrus China...