PKCS10
From Just Solve the File Format Problem
(Difference between revisions)
(Created page with "{{FormatInfo |formattype=electronic |subcat=Security |extensions={{ext|csr}}, {{ext|pem}}, {{ext|p10}} |mimetypes={{mimetype|application/pkcs10}} }} '''PKCS #10''' (PKCS10) is...") |
m (→Software) |
||
Line 25: | Line 25: | ||
== Software == | == Software == | ||
− | * [ | + | * [[OpenSSL]] |
* [http://www.gnutls.org/ GnuTLS] | * [http://www.gnutls.org/ GnuTLS] | ||
== Links == | == Links == | ||
* [[Wikipedia:Certificate signing request|Wikipedia: Certificate signing request]] | * [[Wikipedia:Certificate signing request|Wikipedia: Certificate signing request]] |
Latest revision as of 22:17, 2 February 2016
PKCS #10 (PKCS10) is the most common Certificate Signing Request (CSR) format. The term CSR often implies PKCS10 format, though other CSR formats exist.
A PKCS10 file may be encoded in PEM format, DER format, or possibly some other format.
Contents |
[edit] Identification
A PEM-encoded PKCS10 file is plain text, with base64-encoded payload data. It contains a line that reads "-----BEGIN CERTIFICATE REQUEST-----
" or "-----BEGIN NEW CERTIFICATE REQUEST-----
".
[edit] Examples
To view the contents of a PEM-encoded PKCS10 file, using OpenSSL:
openssl req -noout -text -in example.csr
To generate a new PKCS10 file, first generate a private key, then:
openssl req -new -key example.key -out example.csr
[edit] Specifications
- RFC 2986: PKCS #10: Certification Request Syntax Specification, Version 1.7
- RFC 2314: PKCS #10, Version 1.5 (obsolete)
- RFC 5967: The application/pkcs10 Media Type