IT-Security

From wiki.samerhijazi.net
Revision as of 17:15, 21 March 2022 by Samerhijazi (talk | contribs) (Initial)
Jump to navigation Jump to search

Authentication

Ref.

Initial

  • SSL & TLS are the same. SSL is the old name. TLS is the updated version of SSL.
  • X.509 Certificates encoding formats and file extensions.
  • PKCS#12(.p12) and Java KeyStore Format(.jks).
  • Public Key Cryptography Standards(PKCS)
  • PKCS#12(.p12)/PEM(.pem) files can contain a certificate, certificate request, public key, private key or all.
  • (PKCS) Public Key Cryptography Standards >>> are binary files. These are the newer format of .pfx files. #12 is the 12th version of the standard.
  • (PEM) Privacy Enhanced Mail >>> are text file alternative to PKCS format.
* Base64-ASCII: PEM >>> *.pem, *.crt, *.cer, *.key
* Base64-ASCII: PKCS#7 >>> *.p7b, *.p7c
* Binary: DER >>> *.der, *.cer
* Binary: PKCS#12 >>> *.pfx, *.p12

KeyStore/TrustStore

  • KeyStore: holds onto certificates that identify us.
  • TrustStore: holds onto certificates that identify others.
  • Until Java 8, the default KeyStore-Format is JKS. Since Java 9, the default KeyStore-Format is PKCS12.
  • Java has bundled a TrustStore called cacerts and it resides in the $JAVA_HOME/jre/lib/security directory
* Certificate: .crt, .pem
* Certificate Chain: .crt, .cer, .pem
* Public Key: .key, .pem
* Private Key: .key, .pem
Retrieved from "http://wiki.samerhijazi.net/index.php?title=IT-Security&oldid=2444"