Red Hat CERTIFICATE SYSTEM 8 - DEPLOYMENT Deployment Manual page 24

Chapter 1. Introduction to Public-Key Cryptography
Users do not usually need to be concerned about the exact contents of a certificate. However, system
administrators working with certificates may need some familiarity with the information contained in
them.
1.3.4.1. Certificate Data Formats
Certificate requests and certificates can be created, stored, and installed in several different formats.
All of these formats conform to X.509 standards.
1.3.4.1.1. Binary
The following binary formats are recognized:
• DER-encoded certificate. This is a single binary DER-encoded certificate.
• PKCS #7 certificate chain. This is a PKCS #7 SignedData object. The only significant field in the
SignedData object is the certificates field; the signature and the contents, for example, are ignored.
The PKCS #7 format allows multiple certificates to be downloaded at a single time.
• Netscape Certificate Sequence. This is a simpler format for downloading certificate chains in
a PKCS #7 ContentInfo structure, wrapping a sequence of certificates. The value of the
contentType field should be netscape-cert-sequence, while the content field has the
following structure:
CertificateSequence ::= SEQUENCE OF Certificate
This format allows multiple certificates to be downloaded at the same time.
1.3.4.1.2. Text
Any of the binary formats can be imported in text form. The text form begins with the following line:
-----BEGIN CERTIFICATE-----
Following this line is the certificate data, which can be in any of the binary formats described. This data
should be base-64 encoded, as described by RFC 1113. The certificate information is followed by this
line:
-----END CERTIFICATE-----
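Because the same BEGIN/END CERTIFICATE wrapper can carry any of the three binary formats, an importer has to look at the decoded DER to know what it received. The following Python is an added example, not part of the Red Hat manual or Certificate System code; the function names are hypothetical and the sample payloads are constructed structural skeletons, not real certificates.

```python
import base64
import re

# DER-encoded contentType OIDs for the two ContentInfo-wrapped formats.
OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")   # 1.2.840.113549.1.7.2
OID_NETSCAPE_SEQ = bytes.fromhex("6086480186f8420205")  # 2.16.840.1.113730.2.5
PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of data")
    return tag, buf[pos:pos + length], pos + length

def classify_der(der):
    """Name the binary format from the first element inside the outer SEQUENCE."""
    tag, body, end = read_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one outer SEQUENCE")
    inner_tag, inner, _ = read_tlv(body)
    if inner_tag == 0x30:                   # tbsCertificate SEQUENCE
        return "DER certificate"
    if inner_tag == 0x06 and inner == OID_SIGNED_DATA:
        return "PKCS #7 SignedData"
    if inner_tag == 0x06 and inner == OID_NETSCAPE_SEQ:
        return "Netscape Certificate Sequence"
    raise ValueError("unrecognized certificate container")

def classify_pem(text):
    """Decode every BEGIN/END CERTIFICATE block in text and classify it."""
    return [classify_der(base64.b64decode("".join(m.group(1).split()), validate=True))
            for m in PEM_RE.finditer(text)]

def to_pem(der):  # helper used only to build the constructed samples below
    return "-----BEGIN CERTIFICATE-----\n" + base64.b64encode(der).decode() + "\n-----END CERTIFICATE-----\n"

# Constructed skeletons (structure only, no real certificate data).
SAMPLE = (to_pem(bytes.fromhex("30023000"))
          + to_pem(b"\x30\x0d\x06\x09" + OID_SIGNED_DATA + b"\xa0\x00")
          + to_pem(b"\x30\x0d\x06\x09" + OID_NETSCAPE_SEQ + b"\xa0\x00"))
```

Rejecting truncated lengths and trailing bytes before handing the data to a full X.509 parser keeps malformed imports from being silently accepted as a certificate.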
1.3.4.2. Distinguished Names
An X.509 v3 certificate binds a distinguished name (DN) to a public key. A DN is a series of
name-value pairs, such as uid=doe, that uniquely identify an entity. This is also called the
certificate subject name.
This is an example DN of an employee for Example Corp.:
uid=doe, cn=John Doe,o=Example Corp.,c=US
In this DN, uid is the username, cn is the user's common name, o is the organization or company
name, and c is the country.