PEM
Dan Tobias (Talk | contribs) (Add cat) |
|||
Line 4: | Line 4: | ||
|extensions={{ext|pem}}, others | |extensions={{ext|pem}}, others | ||
}} | }} | ||
− | '''PEM''' ('''Privacy-Enhanced Mail''') refers both to the secure email format defined in RFC 1421 and related RFCs, and (much more commonly) to the loosely-defined family of formats inspired by RFC 1421 format. This article is about the whole family of PEM formats. For information specific to the original PEM format, refer to [[Privacy-Enhanced Mail (RFC 1421)]]. | + | '''PEM''' ('''Privacy-Enhanced Mail''') refers both to the secure email format defined in RFC 1421 and related RFCs, and (much more commonly) to the loosely-defined family of formats inspired by <nowiki>RFC 1421</nowiki> format. This article is about the whole family of PEM formats. For information specific to the original PEM format, refer to [[Privacy-Enhanced Mail (RFC 1421)]]. |
PEM formats are usually related to encryption, especially public-key encrypted communications. Most of them are not related to email, so calling them ''Privacy-Enhanced Mail'' is confusing. Some of the most common formats were apparently invented by the SSLeay/OpenSSL developers. | PEM formats are usually related to encryption, especially public-key encrypted communications. Most of them are not related to email, so calling them ''Privacy-Enhanced Mail'' is confusing. Some of the most common formats were apparently invented by the SSLeay/OpenSSL developers. | ||
Line 11: | Line 11: | ||
''This section describes PEM format in general, but it has not been confirmed to be correct for every specific PEM format.'' | ''This section describes PEM format in general, but it has not been confirmed to be correct for every specific PEM format.'' | ||
− | A PEM file is plain text. It contain one or more objects, such as certificates or keys, which may not all be the same type. Each object is delimited by lines similar to "<code>-----BEGIN ...-----</code>" and "<code>-----END ...-----</code>". Data that is ''not'' between such lines is ignored, and is sometimes used for comments. | + | A PEM file is plain text. It contain one or more objects, such as certificates or keys, which may not all be the same type. Each object is delimited by lines similar to "<code>-----BEGIN ...-----</code>" and "<code>-----END ...-----</code>". Data that is ''not'' between such lines is ignored, and is sometimes used for comments, or for a human-readable dump of the encoded data. |
Following the "BEGIN" and "END" keywords is a name (such as "CERTIFICATE") that can be used as an identifier for the type of object. | Following the "BEGIN" and "END" keywords is a name (such as "CERTIFICATE") that can be used as an identifier for the type of object. | ||
Line 27: | Line 27: | ||
|- | |- | ||
|CERTIFICATE REQUEST || | |CERTIFICATE REQUEST || | ||
+ | |- | ||
+ | |NEW CERTIFICATE REQUEST || | ||
|- | |- | ||
|PKCS7 || | |PKCS7 || | ||
Line 34: | Line 36: | ||
|PRIVACY-ENHANCED MESSAGE || Refer to [[Privacy-Enhanced Mail (RFC 1421)]]. | |PRIVACY-ENHANCED MESSAGE || Refer to [[Privacy-Enhanced Mail (RFC 1421)]]. | ||
|- | |- | ||
− | |RSA PRIVATE KEY || | + | |RSA PRIVATE KEY || Refer to [[PEM encoded RSA private key]]. |
|- | |- | ||
|X509 CRL || | |X509 CRL || |
Revision as of 01:05, 18 October 2013
PEM (Privacy-Enhanced Mail) refers both to the secure email format defined in RFC 1421 and related RFCs, and (much more commonly) to the loosely-defined family of formats inspired by RFC 1421 format. This article is about the whole family of PEM formats. For information specific to the original PEM format, refer to Privacy-Enhanced Mail (RFC 1421).
PEM formats are usually related to encryption, especially public-key encrypted communications. Most of them are not related to email, so calling them Privacy-Enhanced Mail is confusing. Some of the most common formats were apparently invented by the SSLeay/OpenSSL developers.
Format
This section describes PEM format in general, but it has not been confirmed to be correct for every specific PEM format.
A PEM file is plain text. It contain one or more objects, such as certificates or keys, which may not all be the same type. Each object is delimited by lines similar to "-----BEGIN ...-----
" and "-----END ...-----
". Data that is not between such lines is ignored, and is sometimes used for comments, or for a human-readable dump of the encoded data.
Following the "BEGIN" and "END" keywords is a name (such as "CERTIFICATE") that can be used as an identifier for the type of object.
The data between the delimiter lines starts with an optional email-like header section, followed by base64-encoded payload data.
List of PEM Formats
This list is not complete.
Identifier | Description |
---|---|
CERTIFICATE | Refer to PEM encoded certificate. |
CERTIFICATE REQUEST | |
NEW CERTIFICATE REQUEST | |
PKCS7 | |
PKCS #7 SIGNED DATA | |
PRIVACY-ENHANCED MESSAGE | Refer to Privacy-Enhanced Mail (RFC 1421). |
RSA PRIVATE KEY | Refer to PEM encoded RSA private key. |
X509 CRL |