X.509 certificate overview + status
Eric Murray
ericm at lne.com
Mon Mar 2 13:02:47 EST 2009
On Mon, Mar 02, 2009 at 05:35:20PM +0100, Marcus Brinkmann wrote:
> Travis wrote:
> > Further, trying to dig into ASN.1 was extremely difficult. The specs
> > are full of obtuse language, using terms like "object" without
> > defining them first. Are there any tools that will dump certificates
> > in human-readable formats? I would really like something that could
> > take a PEM file of a cert and display it in XML or something of the
> > sort.
>
> Ubuntu comes with dumpasn1. There are also quite a few libraries.
openssl will print certs in a more human readable but
slightly less complete format than dumpasn1:
% openssl x509 -text < cert
dumpasn1 does not read PEM, so you need to do
% openssl enc -d -c < cert > cert.der; dumpasn1 cert.der
It's a little old but RFC3280 is the most concise
and easiest to understand description of X.509 et. al.
that I have found.
Eric
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list