Difference between revisions of "Privacy-Enhanced Mail (.PEM)"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Line 10: Line 10:
  
 
Read certificate:
 
Read certificate:
[[openssl]] [[x509]] -in certificate.pem -text
+
* <code>[[openssl]] [[x509]] -in certificate.pem -text</code>
[[keytool]] -printcert -file certificate.pem
+
* <code>[[keytool]] -printcert -file certificate.pem</code>
 +
* <code>openssl s_client -showcerts -connect YOUR_DOMAIN.COM:443</code>
  
  

Revision as of 06:58, 6 October 2020

This article is a Draft. Help us to complete it.

pem - Defined in RFCs 1421 through 1424, this is a container format that may include just the public certificate (such as with Apache installs, and CA certificate files /etc/ssl/certs), or may include an entire certificate chain including public key, private key, and root certificates. Confusingly, it may also encode a CSR (e.g. as used here) as the PKCS10 format can be translated into PEM. The name is from Privacy Enhanced Mail (PEM), a failed method for secure email but the container format it used lives on, and is a base64 translation of the x509 ASN.1 keys.[1]

PEM or DER or PFX


ssh-keygen -m PEM -t rsa -f your_new_rsa_key.pem


Read certificate:

  • openssl x509 -in certificate.pem -text
  • keytool -printcert -file certificate.pem
  • openssl s_client -showcerts -connect YOUR_DOMAIN.COM:443


PKCS7 chain in DER format. These files also may be named with a .p7b extension

OpenSSH 7.8, released in August 2018 Incompatible changes: ssh-keygen write OpenSSH format private keys by default instead of using OpenSSL's PEM format.


file your_pem_file.pem
your_pem_file.pem PEM RSA private key


Related terms

See also

  • https://serverfault.com/questions/9708/what-is-a-pem-file-and-how-does-it-differ-from-other-openssl-generated-key-file
  • Advertising: