Difference between revisions of "X.509"

From wikieduonline
Jump to navigation Jump to search
Tags: Mobile web edit, Mobile edit
Tags: Mobile web edit, Mobile edit
Line 5: Line 5:
  
 
== Examples ==
 
== Examples ==
*<code>[[openssl x509]] -inform [[pem]] -noout -text</code>
+
* <code>[[openssl x509]] -inform [[pem]] -noout -text</code>
*<code>[[keytool]] -printcert -file certificate.pem</code>
+
* <code>openssl x509 -noout -text -in /path/to/your/cert.pem</code>
 +
* <code>[[keytool]] -printcert -file certificate.pem</code>
  
*<code>[[openssl x509 -req]]</code>
+
* <code>[[openssl x509 -req]]</code>
  
*<code>[[openssl s_client]] -showcerts -connect YOUR_DOMAIN.COM:443 </dev/null 2>/dev/null | [[openssl x509]] -outform PEM > MY_CERTFILE.pem </code>
+
* <code>[[openssl s_client]] -showcerts -connect YOUR_DOMAIN.COM:443 </dev/null 2>/dev/null | [[openssl x509]] -outform PEM > MY_CERTFILE.pem </code>
  
 
===Errors===
 
===Errors===

Revision as of 10:22, 6 September 2021

wikipedia:X.509 standard format for Public key certificate used in TLS.

Tools: openssl, keytool, certinfo (Cloudflare) https://github.com/cloudflare/cfssl/blob/master/certinfo/certinfo.go[1]


Examples

  • openssl x509 -inform pem -noout -text
  • openssl x509 -noout -text -in /path/to/your/cert.pem
  • keytool -printcert -file certificate.pem

Errors

  • Error response from daemon: Get https://URL/: x509: certificate signed by unknown authority

Security

  • ASN.1 and x509 parsers in the kernel have historically been quite problematic (CVE-2008-1673, CVE-2016-2053),

Activities


Related terms

See also

  • https://prefetch.net/blog/2019/12/10/converting-x509-certificates-to-json-objects/
  • Advertising: