When making various third-party payments, the downloaded certificate is a. Pem suffix, curious what the hell it is, so ... An extremely brutal learning process began ...
First of all, the PEM, originally to enhance the security of the message, the certificate was re-encoded with Base64 with the message transmission , and now basically used to generate a public/private key file for the user to download, the original function is instead forgotten.
Here's a new concept, X-ten, a digital certificate standard under the ASN.1 specification, developed by the International Telecommunication Union (ITU-T) , which specifies what information the certificate should contain and what encoding format to use (default der binary encoding).
Asn.1,abstract Syntax Notation One, an abstract syntax tag, a ISO/ITU-T standard that describes a data format for representation, encoding, transmission, and decoding of data, well, so poorly understood, can be analogous to the various underlying types provided by the development language, These underlying types are used to define the data structure of the digital certificate. (reference link, ASN.1)
Pksc,the Public-key Cryptography Standards, public key cryptography standard, a series of standards developed by the United States, RSA company, here we only discuss #7/#8/#12, #7/#12是对X. 509 certificates are extended, encrypted for exchange. #8是一种私钥格式标准. The private key generated by OpenSSL can be converted to the PKCS8 format.
Summary below:
ASN.1 provides an abstract syntax, similar to a keyword in a programming language.
The data structure and coding specifications for certificates are defined using these abstract syntax.
PEM is the use of the Base64 to re-encode the primary certificate in an ASCII file for transmission with the message to ensure message security.
PKCS is a series of specifications developed by US-Imperial RSA, #7/#12对基础X. 509 certificates and certificates corresponding to the private key are expanded, encrypted, re-encoded for Exchange, #8定义了一种私钥格式标准.
. PEM-Induced murders