recentpopularlog in

kme : x509   4

How to View a Certificate Fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL
How to View a Certificate Thumbprint as SHA-256, SHA-1 or MD5 using OpenSSL How to View a Certificate Fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL
openssl  x509  crypto  ssl  certificate  sha1  sha256  hash  fingerprint  commandline  solution 
june 2019 by kme
security - What is the difference between a cer, pvk, and pfx file? - Stack Overflow | https://stackoverflow.com/
Windows .cer files are ASN.1 DER encoded (you can decoded these with 'dumpasn1' on Linux or use http://www.lapo.it/asn1js/ for a web version--don't upload private keys there, though).

You can also decode with OpenSSL:

<code class="language-bash">
openssl asn1parse -inform der -in SomeIssuer.cer

# or, given a .cer file from Windows, something like this works:
openssl x509 -inform der -in SomeIssuer.cer -fingerprint -sha1
</code>

This was a helpful guide for decoding the various file extensions:

<code>Here are my personal, super-condensed notes, as far as this subject pertains to me currently, for anyone who's interested:

Both PKCS12 and PEM can store entire cert chains: public keys, private keys, and root (CA) certs.
.pfx == .p12 == "PKCS12"
fully encrypted
.pem == .cer == .cert == "PEM"
base-64 (string) encoded X509 cert (binary) with a header and footer
base-64 is basically just a string of "A-Za-z0-9+/" used to represent 0-63, 6 bits of binary at a time, in sequence, sometimes with 1 or 2 "=" characters at the very end when there are leftovers ("=" being "filler/junk/ignore/throw away" characters)
the header and footer is something like "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" or "-----BEGIN ENCRYPTED PRIVATE KEY-----" and "-----END ENCRYPTED PRIVATE KEY-----"
Windows recognizes .cer and .cert as cert files
.jks == "Java Key Store"
just a Java-specific file format which the API uses
.p12 and .pfx files can also be used with the JKS API
"Trust Stores" contain public, trusted, root (CA) certs, whereas "Identity/Key Stores" contain private, identity certs; file-wise, however, they are the same.</code>
ca  certificate  x509  webmaster  webdevel  fileextension  fuckina  solution 
january 2018 by kme

Copy this bookmark:





to read