Difference between revisions of "IT-Security"
Jump to navigation
Jump to search
Samerhijazi (talk | contribs) (→Ref.) |
Samerhijazi (talk | contribs) (→Initial) |
||
| Line 9: | Line 9: | ||
* X.509 Certificates encoding formats and file extensions. | * X.509 Certificates encoding formats and file extensions. | ||
* PKCS#12(.p12) and Java KeyStore Format(.jks). | * PKCS#12(.p12) and Java KeyStore Format(.jks). | ||
| + | * Public Key Cryptography Standards(PKCS) | ||
| + | * PKCS#12(.p12)/PEM(.pem) files can contain a certificate, certificate request, public key, private key or all. | ||
| + | * (PKCS) Public Key Cryptography Standards >>> are binary files. These are the newer format of .pfx files. #12 is the 12th version of the standard. | ||
| + | * (PEM) Privacy Enhanced Mail >>> are text file alternative to PKCS format. | ||
<pre class="text"> | <pre class="text"> | ||
* Base64-ASCII: PEM >>> *.pem, *.crt, *.cer, *.key | * Base64-ASCII: PEM >>> *.pem, *.crt, *.cer, *.key | ||
| Line 14: | Line 18: | ||
* Binary: DER >>> *.der, *.cer | * Binary: DER >>> *.der, *.cer | ||
* Binary: PKCS#12 >>> *.pfx, *.p12 | * Binary: PKCS#12 >>> *.pfx, *.p12 | ||
| + | </pre> | ||
| + | =KeyStore/TrustStore= | ||
| + | * KeyStore: holds onto certificates that identify us. | ||
| + | * TrustStore: holds onto certificates that identify others. | ||
| + | * Until Java 8, the default KeyStore-Format is JKS. Since Java 9, the default KeyStore-Format is PKCS12. | ||
| + | * Java has bundled a TrustStore called cacerts and it resides in the $JAVA_HOME/jre/lib/security directory | ||
| + | <pre class="text"> | ||
| + | * Certificate: .crt, .pem | ||
| + | * Certificate Chain: .crt, .cer, .pem | ||
| + | * Public Key: .key, .pem | ||
| + | * Private Key: .key, .pem | ||
</pre> | </pre> | ||
Revision as of 17:15, 21 March 2022
Authentication
Ref.
- https://www.learninjava.com/easy-guide-to-ssl/
- https://badssl.com/
- https://www.learninjava.com/convert-p12-to-jks-and-pem-to-jks/
Initial
- SSL & TLS are the same. SSL is the old name. TLS is the updated version of SSL.
- X.509 Certificates encoding formats and file extensions.
- PKCS#12(.p12) and Java KeyStore Format(.jks).
- Public Key Cryptography Standards(PKCS)
- PKCS#12(.p12)/PEM(.pem) files can contain a certificate, certificate request, public key, private key or all.
- (PKCS) Public Key Cryptography Standards >>> are binary files. These are the newer format of .pfx files. #12 is the 12th version of the standard.
- (PEM) Privacy Enhanced Mail >>> are text file alternative to PKCS format.
* Base64-ASCII: PEM >>> *.pem, *.crt, *.cer, *.key * Base64-ASCII: PKCS#7 >>> *.p7b, *.p7c * Binary: DER >>> *.der, *.cer * Binary: PKCS#12 >>> *.pfx, *.p12
KeyStore/TrustStore
- KeyStore: holds onto certificates that identify us.
- TrustStore: holds onto certificates that identify others.
- Until Java 8, the default KeyStore-Format is JKS. Since Java 9, the default KeyStore-Format is PKCS12.
- Java has bundled a TrustStore called cacerts and it resides in the $JAVA_HOME/jre/lib/security directory
* Certificate: .crt, .pem * Certificate Chain: .crt, .cer, .pem * Public Key: .key, .pem * Private Key: .key, .pem
