Question: What are SSL certificates? Answer: An SSL certificate is a file containing data about an organization or some entity along with a cryptographically secure public key. The SSL certificate is the centerpiece for providing secure transactions between a client and server by containing the … [Read more...] about What are SSL certificates? Why you need SSL.
PKCS7 as SignedData, a certificate bundle and OpenSSL
Introduction to PKCS7 What is PKCS7? It is a standard in the "Public Key Cryptography Standards" used as a cryptographic message syntax and as a format for an X.509 certificate and corresponding chain. The bundle or bag does not have to be a full chain and order does not matter as the final chain … [Read more...] about PKCS7 as SignedData, a certificate bundle and OpenSSL
openssl cms – Sign and encrypt or decrypt email messages
The openssl cms utility will digitally sign, verify, encrypt and decrypt S/MIME version 3.1 mail and messages. Checkout our smime article on how to get an email certificate and extract the public and private key for use in these commands. To purchase an Email certificate, we recommend starting … [Read more...] about openssl cms – Sign and encrypt or decrypt email messages
PKCS8 (PKCS #8) format – openssl pkcs8
PKCS8 is the eighth of the Public-Key Cryptography Standards (PKCS) and is a syntax for storing private key material. The private keys may be encrypted with a symmetric key algorithm. If the usage of your key requires it to be in plain text, make sure it is stored in a secured location. If at all … [Read more...] about PKCS8 (PKCS #8) format – openssl pkcs8
openssl rand – Generate random numbers and passwords
To generate random bytes with openssl, use the openssl rand utility which is the openssl random number generator. This utility utilizes a CSPRNG, a cryptographically secure pseudo-random number generator. As of v1.1.1, openssl will use a trusted entropy source provided by the operating system to … [Read more...] about openssl rand – Generate random numbers and passwords
openssl crl
The openssl crl command and utility will process CRL (Certificate Revocation List) files in both DER and PEM format. CRL locations can be found on the X.509 certificate itself, under the "CRL Endpoints" section. Here is a screenshot from the Mozilla Firefox certificate viewer of the SSL … [Read more...] about openssl crl
Keytool generate CSR – Generate a certificate signing request
What is java keytool? Keytool generate CSR - The Java keytool is a command-line utility used to manage keystores in different formats containing keys and certificates. You can use keytool to create a pkcs 10 certificate signing request or in other words. In many respects, it’s a competing utility … [Read more...] about Keytool generate CSR – Generate a certificate signing request
EV Certificates – Extended Validation Certificates
Question: What are EV Certificates? Answer: Extended Validation (EV) Certificates are SSL Certificates that have been issued after a rigorous validation process. The cryptographic strength and security of an EV certificate is no different than that of a DV (Domain Validated) or OV (Organization … [Read more...] about EV Certificates – Extended Validation Certificates