By Puneeth-Oracle on Mar 04, 2015
What are the different certificate extensions ?
How do they differ from each other ?
Common filename extensions for X.509 certificates are:
.pem – (Privacy-enhanced Electronic Mail) Base64 encoded DER certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
.cer, .crt, .der – usually in binary DER form, but Base64-encoded certificates are common too.
If you have a .pem file (Base64) then you can directly rename the file to .cer / .crt and open the certificate in Windows to view its contents. ( by double clicking on the file )
.p7b, .p7c – PKCS#7 SignedData structure without data, just certificate(s) or CRL(s)
.p12 – PKCS#12, may contain certificate(s) (public) and private keys (password protected)
.pfx – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS)
PKCS#7 is a standard for signing or encrypting (officially called "enveloping") data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A .P7C file is a degenerated SignedData structure, without any data to sign.
PKCS#12 evolved from the personal information exchange (PFX) standard and is used to exchange public and private objects in a single file.
Source : http://en.wikipedia.org/wiki/X.509
In this post we will see how to convert a pfx file to pem / JKS.....[Read More]