Difference between revisions of "Privacy-Enhanced Mail (.PEM)"
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
| Line 1: | Line 1: | ||
| − | [[wikipedia:PEM]] | + | [[wikipedia:PEM]] extension for [[X.509]] certificates |
pem - Defined in [[RFCs]] 1421 through 1424, this is a container format that may include just the [[public certificate]] (such as with Apache installs, and CA certificate files [[/etc/ssl/certs/]]), or may include an entire certificate chain including [[public key]], [[private key]] and [[root certificates]]. Confusingly, it may also encode a [[CSR]] (e.g. as used here) as the [[PKCS10]] format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.<ref>https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file </ref> | pem - Defined in [[RFCs]] 1421 through 1424, this is a container format that may include just the [[public certificate]] (such as with Apache installs, and CA certificate files [[/etc/ssl/certs/]]), or may include an entire certificate chain including [[public key]], [[private key]] and [[root certificates]]. Confusingly, it may also encode a [[CSR]] (e.g. as used here) as the [[PKCS10]] format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.<ref>https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file </ref> | ||
Revision as of 11:28, 6 September 2021
wikipedia:PEM extension for X.509 certificates
pem - Defined in RFCs 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs/), or may include an entire certificate chain including public key, private key and root certificates. Confusingly, it may also encode a CSR (e.g. as used here) as the PKCS10 format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.[1]
ssh-keygen -m PEM -t rsa -f your_new_rsa_key.pem
Read certificate:
openssl x509 -in certificate.pem -textopenssl s_client -showcerts -connect YOUR_DOMAIN.COM:443keytool -printcert -file certificate.pem
Generate certificate:
PKCS7 chain in DER format. These files also may be named with a .p7b extension
- OpenSSH 7.8, (August 2018) Incompatible changes:
ssh-keygenwrite OpenSSH format private keys by default instead of using OpenSSL's PEM format.
file your_pem_file.pem your_pem_file.pem PEM RSA private key
Related terms
- X.509
ssh-keygenandopenssl req.crt(Core FTP).key(Core FTP)- Let's Encrypt:
certbot certonly,certbot certificates - Nginx
ssl_certificatedirective
Activities
See also
- Certificate:
.pem,.ppk,.pfx,.p12,.cer, .crt,openssl pkcs12,.csr,.pub, PFX, PKCS, PKCS - Certificate, CSR (PKCS10),
/etc/letsencrypt/csr/,openssl req, X.509, [.pem,.cer,.csr], Kubernetes CertificateSigningRequest - X.509, ASN.1,
openssl x509,.pem, der, PFX, PKCS, SAN,openssl x509, CSR - Certificate, certificate extensions (
.pem,.pfx), CSR,.csr, root certificate, public certificate
Advertising:
