Introduction to PKCS7
What is PKCS7? It is a standard in the “Public Key Cryptography Standards” used as a cryptographic message syntax and as a format for an X.509 certificate and corresponding chain. The bundle or bag does not have to be a full chain and order does not matter as the final chain validation will happen by the client. The bundle may just be several unrelated certificates, however, this isn’t as practical of a usage. A PKCS7 certificate can be formatted as both PEM and DER.
PKCS#7 was originally created by the company RSA to represent encrypted and signed data. IETF then created CMS (Cryptographic Message Syntax) from it, causing confusion today between the original and current usage of the format. PKCS#7 is ASN.1 and can be used as a signed message or certificate bundle. For example, PKCS7 can be used as the format for a S/MIME digital signature on an email.
For a deep dive, check out the PKCS#7 RFC, RFC 2315.
If you have a .p7b, .p7c, or .pfx file you wish to decode, use our Certificate Decoder tool. .p7c is rarely used in the wild, but is a rather intuitive file extension.
To print the certificates with openssl, use the following command:
openssl pkcs7 -inform pem -noout -text -print_certs -in example.p7b
For clarity, that command is an example of pkcs7 to pem. If the p7b file has 3 certificates bundled, it will print out 3 consecutive pem encoded certificates. If it has 4, it will print out 4 and so on. This command converts the PKCS#7 file from a p7b bundle to a series of x509 certificates.
Let’s describe the flags in this command:
-inform: can be pem or der. Defaults to pem if not specified.
-noout: don’t output the encoded version
-print_certs: print the certificates in the bundle
-in: the pkcs7 format certificate file
To convert from PEM to DER:
openssl pkcs7 -in file.pem -outform DER -out file.der
Now let’s describe the flags in this command:
-in: the pkcs7 format certificate file
-outform: the format to convert to
-out: the file name of the converted file
To convert pem encoded certificate and optional chain to pkcs7:
openssl crl2pkcs7 -nocrl -certfile newcert.pem -certfile cacertchain.pem -outform DER -out p7.der
Description of flags in this command:
-nocrl: Specifies that this is only a conversion of certificates, not a crl.
-certfile: The pem encoded certificate file to be converted
-certfile: Notice that this flag is used twice. It can be used multiple times to load certificate from multiple files. In this case, the end entity certificate and its chain are in separate files.
-outform: Can be PEM or DER
-out: The converted file
It is unfortunate that openssl has not provided a separate command for pem to pkcs7 conversion. In the example provided, we chose not to convert a crl due to the fact that this is relatively uncommon. The command is most useful for pem to pkcs7 conversion.
To demonstrate that the certificate chain order does not matter in a PKCS7 file, here is an image of the .p7b view of example.com’s chain. The root certificate is in the middle, which demonstrates that it is up to the client to verify the certificate chain path.
Generally, a pkcs7 certificate file begins with the header —–BEGIN PKCS7—– and ends with the footer —–END PKCS7—–. This differentiates it from the standard pem header and footer. That is 5 hyphens both before and after the header words.
While it will accept the header and footer “—–BEGIN CERTIFICATE—–
—–END CERTIFICATE—–” this is generally discouraged as not to confuse with a pem encoded X.509 certificate.
-----BEGIN PKCS7----- data... -----END PKCS7-----
pkcs7 vs pkcs12 (pkcs12 vs pkcs7)
It is rather common for the comparison of these two standards to come up, especially for beginners in PKI and digital certificates.
Many times, the question is answered by the file extension: .p7b vs .p12 (or .pfx). The file extension is commonly p7b, but may be whatever is most readable in your situation. If the p7b is in binary, it may make sense to just use the .der file extension.
In essence, .p7b holds a certificate(s) with no associated private key where the certificates are all encoded together and not separately, whereas a .p12, or pkcs12 keystore, holds a certificate(s) with it’s associated private key. It’s really as simple as that.
For more information on the PKCS12 format, read this post.
x509 vs pkcs7 (pkcs7 vs x509)
The difference between an x509 certificate and a certificate bundle in PKCS7 format is that the bundle of certificates which could be a chain or a single x509 certificate is pem encoded in totality rather than a single individual x509 certificate. Also, as discussed above, the header and footer are different.
PKCS#7 SignedData – Signing and Verification
You may occasionally see a .p7s attachment to an email signature. This is a signed email extension of the PKCS#7 SignedData format. To see examples of signing messages, visit our posts on openssl smime and openssl cms.
If there are any commands we have not covered by openssl, please leave a comment asking for an example.