X.509 certificate overview + status
Marcus Brinkmann
marcus.brinkmann at ruhr-uni-bochum.de
Mon Mar 2 11:35:20 EST 2009
Travis wrote:
> Recently I set up certificates for my server's SSL, SMTP, IMAP, XMPP,
> and OpenVPN services. Actually, I created my own CA for some of the
> certificates, and in other cases I used self-signed. It took me
> substantially more time than I had anticipated, and I'm left with
> feelings of unease.
Welcome to the club!
> Further, trying to dig into ASN.1 was extremely difficult. The specs
> are full of obtuse language, using terms like "object" without
> defining them first. Are there any tools that will dump certificates
> in human-readable formats? I would really like something that could
> take a PEM file of a cert and display it in XML or something of the
> sort.
Ubuntu comes with dumpasn1. There are also quite a few libraries.
> I'm plowing through the O'Reilly OpenSSL book, but are there other
> resources out there that could help me, or others like me?
You should be aware of Peter Gutmann's style guide:
http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt
Thanks,
Marcus
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list