X.509 Certificates

mostly using openssl tool to manage X.509 Certificates

Abstract Syntax Notation One (ASN.1)

X.680 : Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation
ASN.1 - Wikiwand
ASN.1 Made Simple - Introduction
RFC 6025 - ASN.1 Translation

RFC 5911 - New ASN.1 Modules for Cryptographic Message Syntax (CMS) and S/MIME
RFC 5912 - New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)

PKI

The authentication of server relied on Certificate Authorities (CA) and a public key infrastructure using X.509 certificates.
The server register with a CA who sign the server's public key with the key of CA for a fee. The client, after receiving the public key from server, verifies server's signature of session randoms and the certificate chain.

The Dark Side of Digital Trust

Public-Key Infrastructure (X.509) (pkix)
RFC 5280· - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC 6125 - Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)
RFC 7250 - Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
draft-ietf-cose-cbor-encoded-cert-13 - CBOR Encoded X.509 Certificates (C509 Certificates)

service-identity documentation host name verification to full RFC 6125
pyca/service-identity: Service Identity Verification for Python

Public Key Infrastructure 101 - IDManagement
Everything you should know about certificates and PKI but are too afraid to ask
Never DIY Your PKI
The State of Certificates for Identity Based Security
PKI Problems: 7 reasons why teams struggle | Keyfactor

CA/Browser Forum - Certificate Issuers, Certificate Consumers, and Interested Parties Working to Secure the Web

What’s the difference between DV, OV & EV SSL certificates?
Domain-validated certificate - Wikiwand
Extended Validation Certificate - Wikiwand
Different levels of identity checks required in TLS/SSL certificates:
Domain Validation (DV): web domain verification
Organization Validation (OV): validating a domain’s owner as well as organization type, name, status, phone number and organization blocklist check
Extended Validation (EV): adding validation of the organization’s registration number, jurisdiction, operational existence, domain fraud check and blocklist checks

Certificate Transparency (CT)

Certificate Transparency - Wikiwand
How CT Works : Certificate Transparency adds two intermediate CA
What is Certificate Transparency? | DigiCert FAQ
what is Certificate Transparency - Phind

Delegated Credentials

short living "subcerts" signed by server cert
better balance between security and reliability

Delegated credential - Wikiwand
RFC 9345 - Delegated Credentials for TLS and DTLS
Delegated Credentials for TLS
Delegated credentials: Improving TLS security - Engineering at Meta
Validating Delegated Credentials for TLS in Firefox - Mozilla Security Blog
Delegated credentials: Improving TLS security - Engineering at Meta

Keyless SSL

Cloudflare's proprietary protocol for using key server
discussion on how the server secret key is used
use Delegated Credentials instead

How does keyless SSL work? | Forward secrecy | Cloudflare
Keyless SSL: The Nitty Gritty Technical Details

Cert Revocation

OSCP and CRL, both are not ideal

Certificate revocation - Wikiwand
Online Certificate Status Protocol vs Certificate Revocation Lists
OCSP vs CRL Explained

Certificate revocation list - Wikiwand CRL covered in RFC 5280 X.509 PKI
Let’s Encrypt 的六天有效 TLS certificate 計畫 – Gea-Suan Lin's BLOG
RFC 2585 - Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP CRL with FTP and HTTP

Online Certificate Status Protocol - Wikiwand alternative to CRL, less data, response of status of a particular cert signed by CA
RFC 6960 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
What is OCSP and how does it work? | Ascertia | Blog
SSL OCSP Exchange
The Slow Death of OCSP | Feisty Duck
Ending OCSP Support in 2025 - Let's Encrypt

Chrome does certificate revocation better | ZDNET
why standard revocation mechanism won't work, Chrome don't use OSCP

Trusted CA

Linux's trusted CA certs are store in /etc/ssl/certs/:

fd . '/etc/ssl/certs/' -e pem | xargs -d"\n" -n1 -I@ -P(nproc) openssl x509 -in @ -text -noout

Rouge CA

As it turns out, CA may not be trust-worthy after all. There are many instances of CA issuing fraudulent certificates (willingly or being hacked).

https 技术鉴赏 - YouTube
How CT Works : Certificate Transparency the issuance of cert is accompanied by a SCT record on blockchain
RFC 9162: Certificate Transparency Version 2.0
certificate-transparency/docs/SCTValidation.md at master · google/certificate-transparency · GitHub
How CT Works : Certificate Transparency
Engineering deep dive: Encoding of SCTs in certificates - Let's Encrypt
What is Certificate Transparency? - SSL Certificates - Namecheap.com

How the Comodo certificate fraud calls CA trust into question | Ars Technica

Google warns of unauthorized TLS certificates trusted by almost all OSes [Updated] | Ars Technica
Google Chrome will banish Chinese certificate authority for breach of trust | Ars Technica

Another fraudulent certificate raises the same old questions about certificate authorities | Ars Technica

Trust issues: Know the limits of SSL certificates | InfoWorld
Free public certificate authorities: Nice idea, big flaw | InfoWorld

http://arstechnica.com/search/?ie=UTF-8&q=+Certificate+Authorities

Timestamp Authority (TSA)

RFC 3161 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
RFC 5816 - ESSCertIDv2 Update for RFC 3161
Trusted timestamping - Wikiwand
What is a timestamping authority? | Ascertia | Blog

Free Time Stamp Authority
sigstore/timestamp-authority: RFC3161 Timestamp Authority

TLS Cert

go to Google
view cert info
export/download cert

# view cert info
openssl x509 -inform PEM -in certificate.pem -noout -text

# dump key
openssl x509 -inform PEM -in certificate.pem -pubkey -noout > public_key.pem

# For RSA keys
openssl rsa -inform PEM -pubin -in public_key.pem -modulus -noout

# For ECDSA keys
openssl ec -inform PEM -pubin -in public_key.pem -pubout -text

# For Ed25519 keys
openssl pkey -inform PEM -pubin -in public_key.pem -pubout -text

Key/Cert Types (Encodings)

X.690 - Wikiwand
BER: Basic Encoding Rules
DER: Distinguished Encoding Rules, subset of BER
CER: Canonical Encoding Rules, subset of BER where string are chopped in 1000 bytes chunks

DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them
PEM, DER, CRT, and CER: X.509 Encodings and Conversions - SSL.com
tls - What's the difference between X.509 and PKCS#7 Certificate? - Information Security Stack Exchange ❗!importanpt

SSH vs. X.509 Certificates
RFC 1421 - Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures PEM
RFC 4716 - The Secure Shell (SSH) Public Key File Format use ssh-keygen to generate/convert OpenSSH keys

Appendix A: MIME Types — OpenSSL PKI Tutorial

Matching a Private Key to a Public Key

key: no meta data, just the prime numbers and modulus
cert: with meta data

X.509 is the PKI protocol and defines the actual certificate (container) format
DER, PEM, PKCS#7, PKCS#8, PKCS#12 are encoding standards

PEM (Privacy Enhanced Mail) base64 DER, with text headers and footers
File extensions: .pem, .key, .csr, .crt
DER (Distinguished Encoding Rules), binary without text headers and footers
File extensions: .der, .cer
PKCS (Public-Key Cryptography Standards)
File extensions: .p7b (PKCS#7/CMS), .pfx, .p12 (PKCS#12 binary), .csr (PKCS#10 base64), .req (PKCS#10)

# view cert
openssl x509 -in cert.pem -text -noout

# match public and private key
openssl x509 -in cert.pem -noout -modulus
openssl rsa -in privkey.pem -noout -modulus
# regenerate public key
openssl rsa -in privkey.pem -pubout

Ciphers

Using Shangmi algorithms
Structure Analysis and Generation of X.509 Digital Certificate Based on National Secret - IOPscience
An example of a X.509 certificate using SM2 / SM3 · GitHub

cert generation

🔐 HTTPS certificate generation explained! Now setup HTTPS for local development environment (without sudo) | Blog
How to create a .pfx/.p12 certificate file using OpenSSL – SSL Information and FAQ
HOWTO: Generate a CSR for OpenSSL – (see tools.ssl.com) – SSL Information and FAQ
ssl - How to create a self-signed certificate with openssl? - Stack Overflow
OpenSSL CSR Tool - Create Your CSR Faster | DigiCert.com

How To Create a Self-Signed SSL Certificate for Nginx in Ubuntu 16.04 | DigitalOcean

Manage sensitive data with Docker secrets | Docker Documentation

Five Tips for Using Self Signed SSL Certificates with iOS | HttpWatch BlogHttpWatch Blog also on own CA

# private key and cert (CSR in the pipeline)
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout selfsigned.key -out selfsigned.crt

openssl genrsa -out privatekey.pem 2048 # key only
openssl req -new -key privatekey.pem -out CSR.csr # CSR only
# private key and CSR
openssl req -nodes -new -newkey rsa:2048 -keyout privatekey.key -out CSR.csr
# then sign SSH certificate (.crt) with csr
openssl x509 -req -days 365 -in CSR.csr -signkey privatekey.key -out selfsigned.crt

openssl genpkey -algorithm RSA -out privatekey.pem -pkeyopt rsa_keygen_bits:2048 # private key only
openssl rsa -pubout -in privatekey.pem -out publickey.pem

openssl genrsa -out rsa_1024_priv.pem 1024
openssl rsa -pubout -in rsa_1024_priv.pem -out rsa_1024_pub.pem

query cert

How to examine the metadata of an SSL (HTTPS/TLS) cert
SSL Certificate Tools

# X.509
openssl x509 -text -noout -in certificate.pem
openssl x509 -text -noout -in certificate.cert

# DER
openssl req -text -noout -in certificate.csr

# PKCS#12 (.pfx or .p12)
openssl pkcs12 -info -in key.p12

# read RSA key
openssl rsa -in private.key -text -noout
openssl rsa -RSAPublicKey_in -in public.key -text -noout

OpenSSL Cookbook 3rd Edition - 2.5 Extracting Remote Certificates

conversion

SSL Converter - Convert SSL Certificates to different formats
Converting OpenSSH public keys - Odd Bits

# DER (.crt .cer .der) -> PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem
# PEM -> DER
openssl x509 -outform der -in certificate.pem -out certificate.der
# PKCS#12 -> PEM
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
#  You can add -nocerts to only output the private key or add -nokeys to only output the certificates.
# PEM -> PKCS#12
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt