| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
Tags
- SSH
- 앨범북
- openssl
- git
- MSYS2
- SSL
- 인증
- OSX
- kmip
- css
- Nodejs
- apple
- fido
- otpkey
- MYSQL
- 2FA
- MFA
- 앱스토어
- Xcode
- OTP
- WebAuthn
- appres
- Android
- 애플
- 안드로이드
- SWIFT
- FIDO2
- albumbook
- SwiftUI
- 앱리소스
Archives
- Today
- Total
인디노트
오픈소스 PKI 문서 - 부록 B. 샘플 인증서 본문
- Table of Contents
- Sample Encrypted Private Key in PEM format (2048 bits)
- Sample Private Key in PEM format (2048 bits)
- Sample Private Key in TXT format (2048 bits)
- Sample CA Certificate in PEM format
- Sample CA Certificate in TXT format
- Sample certificate request in PEM format
- Sample certificate request in TXT format
Sample Encrypted Private Key in PEM format (2048 bits)
This is a sample private key in PEM format, encrypted with a pass phrase for more security.
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,19BE1C31E4FD722A
jO1O1v2ftXMsawM90tnXwc6xhOAT1gDBC9S8DKeca..JZNUgYYwNS0dP2UK
tmyN+XqVcAKw4HqVmChXy5b5msu8eIq3uc2NqNVtR..2ksSLukP8pxXcHyb
+sEwvM4uf8qbnHAqwnOnP9+KV9vds6BaH1eRA4CHz..n+NVZlzBsTxTlS16
/Umr7wJzVrMqK5sDiSu4WuaaBdqMGfL5hLsTjcBFD..Da2iyQmSKuVD4lIZ
yPQqjHKT70kEuSz+vdKuAzoIGNCvgQxXyqKSSX7td..1r7GBbjlIT7xgo8B
LvNaqyvLW5qKCMfWSVJr7xnP1xUU3MVoahhUPxOKX..sEvVM+tkeSPh7GxF
U9OQ79lqjt5iZVSJOzRsgxZ66ZsrG5b3xL+FQf6z5..WUM1uVAJ9zVv6sYV
JURDlKbTkS2pm84CXI6TTJUx/msopB0MFJ+QRobLk..TtteSqpOQopTy7/k
WVoiZfbjIx5yzE0gC72E5bqn/kk7looqshvHt5o1T..OeJ06cGJz4o6bhvL
E7djV3lKpKI4xhxo9nLsij87ByU4pZPZwa3ahh02r..VhkUWPmqwElO9mSf
7QQjk4VpzzxuHx9XKPnYMOE9p8EEJiAyMW+Ms6blh..t3P9GPUJ9aRaH7yl
uUwJ2JXIZu1us4oObAi2mAmSWBebKiWQYBzuNDryK..iNAcY/7kndVqcxV2
PCFMM9TwsiJq6r38+CfvdIkol7sQcPf4us1fpVJSc..EB9U7obrrgX6s2PG
yye805Bd/4dIFb0CqYrejbBfl5ZDXpFIMCrpETEQG..AdnFGO3wysU/Eylu
qzIsBzPdGAoSqa/Y+jdpQRIpWK3vc+nVKMrAzDOC+..pp092QQvokWkyHzO
B4H4DDDuZo9lnt0YgUA0zN6BGhPh6VPys9NgoGPCu..XbymSIq0xLdm7Yb6
2lvmO9/MslBMwNphEWc4EkkUNaoPf6V8OZ33B81Ch..D0bIvA5RhgX3ysd1
sk7m2Q7oNdJWLX8IP9Ubz2L3VpQQ20Vd90yx26smE..xuNXLk0JAgVgagBK
7nbB88S60oXjF1lTckLPfZrCLjFW7M1A4m2f/Xbee..CcS0fPTKp7DF4dwn
ifDTV8A4wSCe+MqWuWqOzYcYE8PpsM7WL2xsV3yPe..X3PF2s/Xub84GPD+
cmYQxBoghfTFiFBmyR85ivc5c+jIxY1PF4r2cO5Gv..3PWTmv8/9W7QvL0g
LPp6cKH9b9d+DDueLvuF3GYG4RTdJrYpn8v7cX+jo..cML31exYsqzCHXad
TqFpESeSK0Zrk3pNRDAHf8wh/cKaElJzGrfSUtCTr..+ct8Auw9ZQmJ0+Dv
XHhV92QUxvAgenoTQn0PBz87AEMQ6pM6413yEv6Ab..rLurwA5E1JoZhZLt
a1/eZjUYAxDn07eabeiAvYwuwCqDQD1SQ6BIJ4taN..c8kfiaGpZCbWCic8
-----END RSA PRIVATE KEY-----
|
 | Seven collumns have been removed and replaced with dots. This was done for printing purposes, as the full text exceeds the page margins, when generating the DVI document version. If you would like to see the private key, just pass to the next section. |
| The careful reader will see that the encryption algorithm used is 3DES. 3DES is a US standard (NIST FIPS 46-3). As a sidenote, 3DES is DES used 3 times in ENCRYPT, DECRYPT and finally ENCRYPT mode (EDE). The DES component was used in Cipher Block Chaining (CBC) mode, a common mode of encryption for block ciphers. |
Sample Private Key in PEM format (2048 bits)
This is a sample private key in PEM format.
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA3Tz2mr7SZiAMfQyuvBjM9Oi..Z1BjP5CE/Wm/Rr500P
RK+Lh9x5eJPo5CAZ3/ANBE0sTK0ZsDGMak2m1g7..3VHqIxFTz0Ta1d+NAj
wnLe4nOb7/eEJbDPkk05ShhBrJGBKKxb8n104o/..PdzbFMIyNjJzBM2o5y
5A13wiLitEO7nco2WfyYkQzaxCw0AwzlkVHiIyC..71pSzkv6sv+4IDMbT/
XpCo8L6wTarzrywnQsh+etLD6FtTjYbbrvZ8RQM..Hg2qxraAV++HNBYmNW
s0duEdjUbJK+ZarypXI9TtnS4o1Ckj7POfljiQI..IBAFyidxtqRQyv5KrD
kbJ+q+rsJxQlaipn2M4lGuQJEfIxELFDyd3XpxP..Un/82NZNXlPmRIopXs
2T91jiLZEUKQw+n73j26adTbteuEaPGSrTZxBLR..yssO0wWomUyILqVeti
6AkL0NJAuKcucHGqWVgUIa4g1haE0ilcm6dWUDo..fd+PpzdCJf1s4NdUWK
YV2GJcutGQb+jqT5DTUqAgST7N8M28rwjK6nVMI..BUpP0xpPnuYDyPOw6x
4hBt8DZQYyduzIXBXRBKNiNdv8fum68/5klHxp6..4HRkMUL958UVeljUsT
BFQlO9UCgYEA/VqzXVzlz8K36VSTMPEhB5zBATV..PRiXtYK1YpYV4/jSUj
vvT4hP8uoYNC+BlEMi98LtnxZIh0V4rqHDsScAq..VyeSLH0loKMZgpwFEm
bEIDnEOD0nKrfT/9K9sPYgvB43wsLEtUujaYw3W..Liy0WKmB8CgYEA34xn
1QlOOhHBn9Z8qYjoDYhvcj+a89tD9eMPhesfQFw..rsfGcXIonFmWdVygbe
6Doihc+GIYIq/QP4jgMksE1ADvczJSke92ZfE2i..fitBpQERNJO0BlabfP
ALs5NssKNmLkWS2U2BHCbv4DzDXwiQB37KPOL1c..kBHfF2/htIs20d1UVL
+PK+aXKwguI6bxLGZ3of0UH+mGsSl0mkp7kYZCm..OTQtfeRqP8rDSC7DgA
kHc5ajYqh04AzNFaxjRo+M3IGICUaOdKnXd0Fda..QwfoaX4QlRTgLqb7AN
ZTzM9WbmnYoXrx17kZlT3lsCgYEAm757XI3WJVj..WoLj1+v48WyoxZpcai
uv9bT4Cj+lXRS+gdKHK+SH7J3x2CRHVS+WH/SVC..DxuybvebDoT0TkKiCj
BWQaGzCaJqZa+POHK0klvS+9ln0/6k539p95tfX..X4TCzbVG6+gJiX0ysz
Yfehn5MCgYEAkMiKuWHCsVyCab3RUf6XA9gd3qY..fCTIGtS1tR5PgFIV+G
engiVoWc/hkj8SBHZz1n1xLN7KDf8ySU06MDggB..hJ+gXJKy+gf3mF5Kmj
DtkpjGHQzPF6vOe907y5NQLvVFGXUq/FIJZxB8k..fJdHEm2M4=
-----END RSA PRIVATE KEY-----
|
| Seven collumns have been removed and replaced with the dots. This was done for printing purposes, as the full text exceeds the page margins, when generating the DVI document version. If you really would like to see the private key, just pass to the next section. |
Sample Private Key in TXT format (2048 bits)
This is a sample private key in TXT format.
Private-Key: (2048 bit)
modulus:
00:dd:3c:f6:9a:be:d2:66:20:0c:7d:0c:ae:bc:18:
cc:f4:e8:89:8d:16:b3:5c:16:75:06:33:f9:08:4f:
d6:9b:f4:6b:e7:4d:0f:44:af:8b:87:dc:79:78:93:
e8:e4:20:19:df:f0:0d:04:4d:2c:4c:ad:19:b0:31:
8c:6a:4d:a6:d6:0e:e8:ae:e2:37:75:8d:d5:1e:a2:
31:15:3c:f4:4d:ad:5d:f8:d0:23:c2:72:de:e2:73:
9b:ef:f7:84:25:b0:cf:92:4d:39:4a:18:41:ac:91:
81:28:ac:5b:f2:7d:74:e2:8f:f9:a7:c1:c0:b1:93:
dd:cd:b1:4c:23:23:63:27:30:4c:da:8e:72:e4:0d:
77:c2:22:e2:b4:43:bb:9d:ca:36:59:fc:98:91:0c:
da:c4:2c:34:03:0c:e5:91:51:e2:23:20:ae:68:5e:
30:8f:9e:f5:a5:2c:e4:bf:ab:2f:fb:82:03:31:b4:
ff:5e:90:a8:f0:be:b0:4d:aa:f3:af:2c:27:42:c8:
7e:7a:d2:c3:e8:5b:53:8d:86:db:ae:f6:7c:45:03:
35:b6:52:9d:a0:c1:e0:da:ac:6b:68:05:7e:f8:73:
41:62:63:56:b3:47:6e:11:d8:d4:6c:92:be:65:aa:
f2:a5:72:3d:4e:d9:d2:e2:8d:42:92:3e:cf:39:f9:
63:89
publicExponent: 65537 (0x10001)
privateExponent:
5c:a2:77:1b:6a:45:0c:af:e4:aa:c3:91:b2:7e:ab:
ea:ec:27:14:25:6a:2a:67:d8:ce:25:1a:e4:09:11:
f2:31:10:b1:43:c9:dd:d7:a7:13:d7:14:21:91:c5:
15:27:ff:cd:8d:64:d5:e5:3e:64:48:a2:95:ec:d9:
3f:75:8e:22:d9:11:42:90:c3:e9:fb:de:3d:ba:69:
d4:db:b5:eb:84:68:f1:92:ad:36:71:04:b4:4a:f6:
03:2f:5f:6c:ac:b0:ed:30:5a:89:94:c8:82:ea:55:
eb:62:e8:09:0b:d0:d2:40:b8:a7:2e:70:71:aa:59:
58:14:21:ae:20:d6:16:84:d2:29:5c:9b:a7:56:50:
3a:10:0b:c6:70:2b:97:dd:f8:fa:73:74:22:5f:d6:
ce:0d:75:45:8a:61:5d:86:25:cb:ad:19:06:fe:8e:
a4:f9:0d:35:2a:02:04:93:ec:df:0c:db:ca:f0:8c:
ae:a7:54:c2:37:a1:11:7b:9f:40:54:a4:fd:31:a4:
f9:ee:60:3c:8f:3b:0e:b1:e2:10:6d:f0:36:50:63:
27:6e:cc:85:c1:5d:10:4a:36:23:5d:bf:c7:ee:9b:
af:3f:e6:49:47:c6:9e:b8:00:b0:d9:d2:de:07:46:
43:14:2f:de:7c:51:57:a5:8d:4b:13:04:54:25:3b:
d5
prime1:
00:fd:5a:b3:5d:5c:e5:cf:c2:b7:e9:54:93:30:f1:
21:07:9c:c1:01:35:64:7e:90:93:a7:13:d1:89:7b:
58:2b:56:29:61:5e:3f:8d:25:23:be:f4:f8:84:ff:
2e:a1:83:42:f8:19:44:32:2f:7c:2e:d9:f1:64:88:
74:57:8a:ea:1c:3b:12:70:0a:be:86:28:3b:4c:d5:
72:79:22:c7:d2:5a:0a:31:98:29:c0:51:26:6c:42:
03:9c:43:83:d2:72:ab:7d:3f:fd:2b:db:0f:62:0b:
c1:e3:7c:2c:2c:4b:54:ba:36:98:c3:75:b1:8f:69:
4b:5b:62:e2:cb:45:8a:98:1f
prime2:
00:df:8c:67:d5:09:4e:3a:11:c1:9f:d6:7c:a9:88:
e8:0d:88:6f:72:3f:9a:f3:db:43:f5:e3:0f:85:eb:
1f:40:5c:26:6f:31:49:82:4a:ec:7c:67:17:22:89:
c5:99:67:55:ca:06:de:e8:3a:22:85:cf:86:21:82:
2a:fd:03:f8:8e:03:24:b0:4d:40:0e:f7:33:25:29:
1e:f7:66:5f:13:68:b6:d2:5b:a8:54:17:e2:b4:1a:
50:11:13:49:3b:40:65:69:b7:cf:00:bb:39:36:cb:
0a:36:62:e4:59:2d:94:d8:11:c2:6e:fe:03:cc:35:
f0:89:00:77:ec:a3:ce:2f:57
exponent1:
00:c2:f9:01:1d:f1:76:fe:1b:48:b3:6d:1d:d5:45:
4b:f8:f2:be:69:72:b0:82:e2:3a:6f:12:c6:67:7a:
1f:d1:41:fe:98:6b:12:97:49:a4:a7:b9:18:64:29:
89:b6:4c:30:c6:83:93:42:d7:de:46:a3:fc:ac:34:
82:ec:38:00:90:77:39:6a:36:2a:87:4e:00:cc:d1:
5a:c6:34:68:f8:cd:c8:18:80:94:68:e7:4a:9d:77:
74:15:d6:b3:64:ca:50:85:14:30:7e:86:97:e1:09:
51:4e:02:ea:6f:b0:0d:65:3c:cc:f5:66:e6:9d:8a:
17:af:1d:7b:91:99:53:de:5b
exponent2:
00:9b:be:7b:5c:8d:d6:25:58:d7:98:1f:5b:cc:d5:
a8:2e:3d:7e:bf:8f:16:ca:8c:59:a5:c6:a2:ba:ff:
5b:4f:80:a3:fa:55:d1:4b:e8:1d:28:72:be:48:7e:
c9:df:1d:82:44:75:52:f9:61:ff:49:50:92:b7:67:
b3:c1:80:f1:bb:26:ef:79:b0:e8:4f:44:e4:2a:20:
a3:05:64:1a:1b:30:9a:26:a6:5a:f8:f3:87:2b:49:
25:bd:2f:bd:96:7d:3f:ea:4e:77:f6:9f:79:b5:f5:
f1:50:80:c7:6c:65:f8:4c:2c:db:54:6e:be:80:98:
97:d3:2b:33:61:f7:a1:9f:93
coefficient:
00:90:c8:8a:b9:61:c2:b1:5c:82:69:bd:d1:51:fe:
97:03:d8:1d:de:a6:23:be:61:0b:02:d7:c2:4c:81:
ad:4b:5b:51:e4:f8:05:21:5f:86:7a:78:22:56:85:
9c:fe:19:23:f1:20:47:67:3d:67:d7:12:cd:ec:a0:
df:f3:24:94:d3:a3:03:82:00:74:0b:68:1d:5b:88:
49:fa:05:c9:2b:2f:a0:7f:79:85:e4:a9:a3:0e:d9:
29:8c:61:d0:cc:f1:7a:bc:e7:bd:d3:bc:b9:35:02:
ef:54:51:97:52:af:c5:20:96:71:07:c9:17:00:6d:
ab:7d:27:c9:74:71:26:d8:ce
|
| The numbers are in hexadecimal notation where each couple of digits represents 8 bits. |
In decimal, the modulus n is:
27928727520532098560054510086934803266769027328779773633
51762493251995978285544035350906266382585272722398629867
67263282027760422651274751164233304322779357458680526177
93594651686619933029730312573799176384081348734718092523
53476550057243981913102899068449856388885987417785575633
66522578044678796800808595716146657069948593436088106761
86674067708949755093039975941211253008157978789036441127
01109572656021257137086334620169063315388954284609394192
32250643688514600699603929824545296848370051254650037973
10139479221307918200583851065828489354285517184240655579
54933738674003130224949637988279936009837240188474132980
1
|
If an adversary managed to factorise the modulus, she would come up with the factors p and q, where p is:
17791143933509595918127954499653383601218835098160342274
21719349464132778400846891474457120589082133325302604179
82181001327467441044697854896458761089076165690493808885
78606941384914032562858753139200694087767527290102835209
36343115102676302117059691295229400834867089684114302209
27632138221540171427701495839
|
and q is:
15698106667513592225651910118661853088086996081175911345
49581990193390503622003253143718326860723480921952218366
69795595987275285870475032000847646645415387334949112223
81409068648841957504994872889663428380162653646162371919
71899699949089072105502530930366392712822832371160724348
51400420434671809603239292759
|
The coefficient and the exponents 1 and 2 are used to increase the performance of those operations of RSA that make use of the private key. That is, they are used by the owner of the key and they are only visible to her.
| For information on software that works with natural numbers of arbitrary size, you may find the GMP library quite useful. |
Sample CA Certificate in PEM format
This is a sample Certificate in PEM format.
-----BEGIN CERTIFICATE-----
MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0Ix
EzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYD
VQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y
aXR5MRQwEgYDVQQDEwtCZXN0IENBIEx0ZDAeFw0wMD..TUwMTZaFw0wMTAy
MDQxOTUwMTZaMIGHMQswCQYDVQQGEwJHQjETMBEGA1..29tZS1TdGF0ZTEU
MBIGA1UEChMLQmVzdCBDQSBMdGQxNzA1BgNVBAsTLk..DEgUHVibGljIFBy
aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFD..AMTC0Jlc3QgQ0Eg
THRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg..Tz2mr7SZiAMfQyu
vBjM9OiJjRazXBZ1BjP5CE/Wm/Rr500PRK+Lh9x5eJ../ANBE0sTK0ZsDGM
ak2m1g7oruI3dY3VHqIxFTz0Ta1d+NAjwnLe4nOb7/..k05ShhBrJGBKKxb
8n104o/5p8HAsZPdzbFMIyNjJzBM2o5y5A13wiLitE..fyYkQzaxCw0Awzl
kVHiIyCuaF4wj571pSzkv6sv+4IDMbT/XpCo8L6wTa..sh+etLD6FtTjYbb
rvZ8RQM1tlKdoMHg2qxraAV++HNBYmNWs0duEdjUbJ..XI9TtnS4o1Ckj7P
OfljiQIDAQABo4HnMIHkMB0GA1UdDgQWBBQ8urMCRL..5AkIp9NJHJw5TCB
tAYDVR0jBIGsMIGpgBQ8urMCRLYYMHUKU5AkIp9NJH..aSBijCBhzELMAkG
A1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFD..AoTC0Jlc3QgQ0Eg
THRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcm..ENlcnRpZmljYXRp
b24gQXV0aG9yaXR5MRQwEgYDVQQDEwtCZXN0IENBIE..DAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBAUAA4IBAQC1uYBcsSncwA..DCsQer772C2ucpX
xQUE/C0pWWm6gDkwd5D0DSMDJRqV/weoZ4wC6B73f5..bLhGYHaXJeSD6Kr
XcoOwLdSaGmJYslLKZB3ZIDEp0wYTGhgteb6JFiTtn..sf2xdrYfPCiIB7g
BMAV7Gzdc4VspS6ljrAhbiiawdBiQlQmsBeFz9JkF4..b3l8BoGN+qMa56Y
It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/
7vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX
-----END CERTIFICATE-----
|
| This is the CA Certificate, also called the Root CA Certificate. The goal is to make the CA Certificate available to the bigger possible audience. Also, we would ask companies that make WWW browsers to include it in their list of Root CA Certificates. |
Sample CA Certificate in TXT format
This is a sample Certificate in TXT format.
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=GB, ST=Surrey, O=Best CA Ltd,
OU=Class 1 Public Primary Certification Authority,
CN=Best CA Ltd
Validity
Not Before: Feb 5 19:50:16 2000 GMT
Not After : Feb 4 19:50:16 2001 GMT
Subject: C=GB, ST=Surrey, O=Best CA Ltd,
OU=Class 1 Public Primary Certification Authority,
CN=Best CA Ltd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:dd:3c:f6:9a:be:d2:66:20:0c:7d:0c:ae:bc:18:
cc:f4:e8:89:8d:16:b3:5c:16:75:06:33:f9:08:4f:
d6:9b:f4:6b:e7:4d:0f:44:af:8b:87:dc:79:78:93:
e8:e4:20:19:df:f0:0d:04:4d:2c:4c:ad:19:b0:31:
8c:6a:4d:a6:d6:0e:e8:ae:e2:37:75:8d:d5:1e:a2:
31:15:3c:f4:4d:ad:5d:f8:d0:23:c2:72:de:e2:73:
9b:ef:f7:84:25:b0:cf:92:4d:39:4a:18:41:ac:91:
81:28:ac:5b:f2:7d:74:e2:8f:f9:a7:c1:c0:b1:93:
dd:cd:b1:4c:23:23:63:27:30:4c:da:8e:72:e4:0d:
77:c2:22:e2:b4:43:bb:9d:ca:36:59:fc:98:91:0c:
da:c4:2c:34:03:0c:e5:91:51:e2:23:20:ae:68:5e:
30:8f:9e:f5:a5:2c:e4:bf:ab:2f:fb:82:03:31:b4:
ff:5e:90:a8:f0:be:b0:4d:aa:f3:af:2c:27:42:c8:
7e:7a:d2:c3:e8:5b:53:8d:86:db:ae:f6:7c:45:03:
35:b6:52:9d:a0:c1:e0:da:ac:6b:68:05:7e:f8:73:
41:62:63:56:b3:47:6e:11:d8:d4:6c:92:be:65:aa:
f2:a5:72:3d:4e:d9:d2:e2:8d:42:92:3e:cf:39:f9:
63:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BA:B3:02:44:B6:18:30:75:0A:53:90:24:22:\
9F:4D:24:72:70:E5
X509v3 Authority Key Identifier:
keyid:3C:BA:B3:02:44:B6:18:30:75:0A:53:90:\
24:22:9F:4D:24:72:70:E5
DirName:/C=GB/ST=Some-State/O=Best CA Ltd/\
OU=Class 1 Public Primary Certification
Authority/CN=Best CA Ltd
serial:00
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: md5WithRSAEncryption
b5:b9:80:5c:b1:29:dc:c0:03:db:28:c8:a3:08:30:ac:41:ea:
fb:ef:60:b6:b9:ca:57:c5:05:04:fc:2d:29:59:69:ba:80:39:
30:77:90:f4:0d:23:03:25:1a:95:ff:07:a8:67:8c:02:e8:1e:
f7:7f:96:06:3e:7e:90:99:b2:e1:19:81:da:5c:97:92:0f:a2:
ab:5d:ca:0e:c0:b7:52:68:69:89:62:c9:4b:29:90:77:64:80:
c4:a7:4c:18:4c:68:60:b5:e6:fa:24:58:93:b6:72:ef:5c:9b:
a0:3a:c7:f6:c5:da:d8:7c:f0:a2:20:1e:e0:04:c0:15:ec:6c:
dd:73:85:6c:a5:2e:a5:8e:b0:21:6e:28:9a:c1:d0:62:42:54:
26:b0:17:85:cf:d2:64:17:89:c3:99:94:cf:0d:bd:e5:f0:1a:
06:37:ea:8c:6b:9e:98:22:df:2e:9d:ad:a0:63:89:76:3b:ff:
e8:9f:cf:2b:e4:85:89:96:6d:4b:d2:80:3c:7b:87:d1:db:2a:
c1:1d:71:7a:d1:fe:36:59:a7:6c:19:e1:4a:93:23:6b:c0:68:
bf:ee:f4:0c:7d:77:46:b1:1a:d7:34:64:46:9d:7f:af:58:36:
77:ff:35:88:d2:3a:03:b4:29:0d:9e:a1:29:56:78:60:fe:00:
15:98:7a:17
|
| This is the CA Certificate, also called the Root CA Certificate. It is in TXT format which is another way to say that it is in a human–readable format. |
| Notice the modulus. It has 2048 bits and it is the product of two big primes. Each prime has about 1024 bits. The security of the certificate relies on the difficulty to factorise this 2048–bits long (or over 600 decimal digits long) number. Since we generated this key–pair, we already know these two primes. All the mentioned values, in decimal, are in the section called Sample Private Key in TXT format (2048 bits). |
| We have chosen RSA for the public key algorithm. We could have chosen one of the alternatives, like El Gamal or elliptic curves. |
Sample certificate request in PEM format
This is a sample certificate request in PEM format.
-----BEGIN CERTIFICATE REQUEST-----
MIIC5DCCAcwCAQAwgZ4xCzAJBgNVBAYTAkdCMQ8wDQ..wZTdXJyZXkxDjAM
BgNVBAcTBUVnaGFtMRowGAYDVQQKExFBcnRzIEJ1aW..Ex0ZDEWMBQGA1UE
CxMNRGVwdC4gSGlzdG9yeTEZMBcGA1UEAxMQU2ltb3..XRlbGxpczEfMB0G
CSqGSIb3DQEJARYQc2ltb3NAb3BlbmNhLm9yZzCCAS..oZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN089pq+0mYgDH0MrrwYzPToiY..QYz+QhP1pv0a+dN
D0Svi4fceXiT6OQgGd/wDQRNLEytGbAxjGpNptYO6K..R6iMRU89E2tXfjQ
I8Jy3uJzm+/3hCWwz5JNOUoYQayRgSisW/J9dOKP+a..c2xTCMjYycwTNqO
cuQNd8Ii4rRDu53KNln8mJEM2sQsNAMM5ZFR4iMgrm..aUs5L+rL/uCAzG0
/16QqPC+sE2q868sJ0LIfnrSw+hbU42G2672fEUDNb..Nqsa2gFfvhzQWJj
VrNHbhHY1GySvmWq8qVyPU7Z0uKNQpI+zzn5Y4kCAw..A0GCSqGSIb3DQEB
BAUAA4IBAQC2y+cj6EmXzHunozGDv3fu9rw+T7SLrh..tY0K4L5w/4jOXRS
Q5VHn8o2M1E8JE2iK9tg24Nkh9GvkODxbP2ABYKslT..pZ8KC+wHCDZyXCY
Fgrass8oENyZG2VFFlfgbtRUssdKldJcJKpgnsHyt1..xJ11Y0t0n9ruayu
Oqp9lTEu6e+Lhhcuad4JncXiSR0EdG75AqN9bbI8NG..tgzzOrvfYNtGe9t
EI/wriWPQvl4QLJ5VevzuIC62dQztVQmDR2hPd2J8/..1ArMX5olNCef2XB
Rghkcki7R/ZpuuwaXkT+qDu+eoDwju0P
-----END CERTIFICATE REQUEST-----
|
| This is the certificate request that a Certification Authority needs to sign. Typical CAs could be Verisign, Thawte and of course OpenCA. |
Sample certificate request in TXT format
This is a sample certificate request in TXT format.
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=GB, ST=Surrey, L=Egham,
O=Arts Building Ltd,
OU=Dept. History,
CN=Simos Xenitellis/Email=simos@openca.org
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:dd:3c:f6:9a:be:d2:66:20:0c:7d:0c:ae:bc:18:
cc:f4:e8:89:8d:16:b3:5c:16:75:06:33:f9:08:4f:
d6:9b:f4:6b:e7:4d:0f:44:af:8b:87:dc:79:78:93:
e8:e4:20:19:df:f0:0d:04:4d:2c:4c:ad:19:b0:31:
8c:6a:4d:a6:d6:0e:e8:ae:e2:37:75:8d:d5:1e:a2:
31:15:3c:f4:4d:ad:5d:f8:d0:23:c2:72:de:e2:73:
9b:ef:f7:84:25:b0:cf:92:4d:39:4a:18:41:ac:91:
81:28:ac:5b:f2:7d:74:e2:8f:f9:a7:c1:c0:b1:93:
dd:cd:b1:4c:23:23:63:27:30:4c:da:8e:72:e4:0d:
77:c2:22:e2:b4:43:bb:9d:ca:36:59:fc:98:91:0c:
da:c4:2c:34:03:0c:e5:91:51:e2:23:20:ae:68:5e:
30:8f:9e:f5:a5:2c:e4:bf:ab:2f:fb:82:03:31:b4:
ff:5e:90:a8:f0:be:b0:4d:aa:f3:af:2c:27:42:c8:
7e:7a:d2:c3:e8:5b:53:8d:86:db:ae:f6:7c:45:03:
35:b6:52:9d:a0:c1:e0:da:ac:6b:68:05:7e:f8:73:
41:62:63:56:b3:47:6e:11:d8:d4:6c:92:be:65:aa:
f2:a5:72:3d:4e:d9:d2:e2:8d:42:92:3e:cf:39:f9:
63:89
Exponent: 65537 (0x10001)
Attributes:
a0:00
Signature Algorithm: md5WithRSAEncryption
b6:cb:e7:23:e8:49:97:cc:7b:a7:a3:31:83:bf:77:ee:f6:bc:
3e:4f:b4:8b:ae:1b:ed:e2:82:89:2a:d6:34:2b:82:f9:c3:fe:
23:39:74:52:43:95:47:9f:ca:36:33:51:3c:24:4d:a2:2b:db:
60:db:83:64:87:d1:af:90:e0:f1:6c:fd:80:05:82:ac:95:3c:
4f:a0:3d:f1:96:96:7c:28:2f:b0:1c:20:d9:c9:70:98:16:0a:
da:b2:cf:28:10:dc:99:1b:65:45:16:57:e0:6e:d4:54:b2:c7:
4a:95:d2:5c:24:aa:60:9e:c1:f2:b7:5e:a7:24:fe:6f:6f:12:
75:d5:8d:2d:d2:7f:6b:b9:ac:ae:3a:aa:7d:95:31:2e:e9:ef:
8b:86:17:2e:69:de:09:9d:c5:e2:49:1d:04:74:6e:f9:02:a3:
7d:6d:b2:3c:34:64:8f:ec:33:e3:56:d8:33:cc:ea:ef:7d:83:
6d:19:ef:6d:10:8f:f0:ae:25:8f:42:f9:78:40:b2:79:55:eb:
f3:b8:80:ba:d9:d4:33:b5:54:26:0d:1d:a1:3d:dd:89:f3:fb:
bf:f0:c7:4a:73:50:2b:31:7e:68:94:d0:9e:7f:65:c1:46:08:
64:72:48:bb:47:f6:69:ba:ec:1a:5e:44:fe:a8:3b:be:7a:80:
f0:8e:ed:0f
|
| This is the expanded version of the certificate request from the section called Sample certificate request in PEM format. You can notice the user information and the n, e from RSA. |
반응형
'인증기술 > PKI 기술' 카테고리의 다른 글
| 오픈소스 PKI 문서 - 부록 D. OpenCA 설치 세부 사항 (0) | 2018.09.27 |
|---|---|
| 오픈소스 PKI 문서 - 부록 C. PKI 알고리즘 (0) | 2018.09.27 |
| 오픈소스 PKI 문서 - 부록 A. Perl 모듈 (0) | 2018.09.27 |
| 오픈소스 PKI 문서 - 제 13 장. 기여 (0) | 2018.09.27 |
| 오픈소스 PKI 문서 - 제 12 장. 상표 (0) | 2018.09.27 |
Comments