Transferred from:
Http://rhythm-zju.blog.163.com/blog/static/310042008015115718637/
All rights reserved. If you need to reprint it, please indicate the source
I have studied SSL/TLS some time ago and read the English version of Eric rescorla's SSL
Certificate formats-X.509, der and PEMPart: 1 2 3Certificate standard and File encodings seem to be confusing. I wrote down some notes about:
What is X.509 certificate standard?
PEM (privacy enhanced mail) Encoding
Der
Use the OpenSSL to verify the certificate chain with the following command:Debian:/home/zhaoya/openssl#openssl verify-cafile Root_cert User_certThe Root_cert can contain a lot of certificates, you can use the Cat command to merge multilevel CA
This is a creation in
Article, where the information may have evolved or changed.
Objective
A digital certificate is a file that is digitally signed by the Certificate Authority center that contains public key owner information and a public key.
I. Theoretical knowledge
What is ca?
Ca is short for Certificate Authority. It is usually translated into an authentication authority or a certification center. It is mainly used to issue digital certificates to users. This digital certificate
The concepts related to certificates are really tricky because they haven't been exposed to certificate encryption before, because there's a whole new term coming up that looks like something else in another field, not something that we're familiar
1. Concise Explanation:1. Server generates public and private keys with RSA2. Put the public key in the certificate sent to the client, the private key to save itself3. The client first checks the validity of the certificate to an authoritative
In general, if you can find a certificate that is available, you can use it directly, except that some information about the certificate is incorrect or does not match the host that is deploying the certificate, but this does not affect the use of
Today, when trying to build a Docker registry private warehouse on a Mac machine, the latest registry of the Cup has been forced to use SSL authentication for security reasons, so we have a detailed understanding of the use of OpenSSL on Linux/mac,
In HTTPS learning note two, the concept of digital certificates has been clarified, composed and how the client validates the server-side certificate during the HTTPS connection process. This chapter describes how to use the OpenSSL library to
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.