Difference between revisions of "Privacy-Enhanced Mail (.PEM)"
Jump to navigation
Jump to search
↑ https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file
Tags: Mobile web edit, Mobile edit |
Tags: Mobile web edit, Mobile edit |
||
Line 39: | Line 39: | ||
== See also == | == See also == | ||
* {{.pem}} | * {{.pem}} | ||
− | * {{ | + | * {{CSR}} |
* {{ssh}} | * {{ssh}} | ||
* {{X.509}} | * {{X.509}} |
Revision as of 11:17, 6 September 2021
pem - Defined in RFCs 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs/), or may include an entire certificate chain including public key, private key and root certificates. Confusingly, it may also encode a CSR (e.g. as used here) as the PKCS10 format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.[1]
ssh-keygen -m PEM -t rsa -f your_new_rsa_key.pem
Read certificate:
openssl x509 -in certificate.pem -text
openssl s_client -showcerts -connect YOUR_DOMAIN.COM:443
keytool -printcert -file certificate.pem
Generate certificate:
PKCS7 chain in DER format. These files also may be named with a .p7b extension
- OpenSSH 7.8, (August 2018) Incompatible changes:
ssh-keygen
write OpenSSH format private keys by default instead of using OpenSSL's PEM format.
file your_pem_file.pem your_pem_file.pem PEM RSA private key
Related terms
- X.509
ssh-keygen
openssl
:openssl req
.crt
(Core FTP).key
(Core FTP)- Let's Encrypt:
certbot certonly
,certbot certificates
- Nginx
ssl_certificate
directive
See also
- Certificate:
.pem
,.ppk
,.pfx
,.p12
,.cer, .crt
,openssl pkcs12
,.csr
,.pub
, PFX, PKCS, PKCS - Certificate, CSR (PKCS10),
/etc/letsencrypt/csr/
,openssl req
, X.509, [.pem
,.cer
,.csr
], Kubernetes CertificateSigningRequest - SSH:
ssh
, TLS,.ppk, .pem, .crt, .pub
, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex
,IAMUserSSHKeys
,known_hosts
, ssh tunnel, Dropbear - X.509, ASN.1,
openssl x509
,.pem, der
, PFX, PKCS, SAN,openssl x509, CSR
- TLS, mTLS: OpenSSL, LibreSSL, BoringSSL, WolfSSL, X.509,
.pem
, SNI, CT, OCSP, Mbed TLS, ALPN,your connection is not private
, SSL Certificate Checker, Wildcard certificate, JA3 fingerprint, sslcan, TLS inspection
Advertising: