Certificates
PEM vs P12 vs CRT vs JKS vs keystore vs PKCS vs x509證書之間的區別
對不起這裡的菜鳥。我對許多使用客戶端身份驗證證書的文件感到非常困惑。誰能指導我 PEM、P12、CRT、JKS、Keystore、PKCS、x509 證書之間的區別?
我從維基百科得到了一些資訊,
In cryptography, X.509 is a standard defining the format of public key certificates. **Certificate filename extensions** There are several commonly used filename extensions for X.509 certificates. Unfortunately, some of these extensions are also used for other data such as private keys. .pem – (Privacy-enhanced Electronic Mail) Base64 encoded DER certificate, enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" .cer, .crt, .der – usually in binary DER form, but Base64-encoded certificates are common too (see .pem above) .p7b, .p7c – PKCS#7 SignedData structure without data, just certificate(s) or CRL(s) .p12 – PKCS#12, may contain certificate(s) (public) and private keys (password protected) .pfx – PFX, predecessor of PKCS#12 (usually contains data in PKCS#12 format, e.g., with PFX files generated in IIS) PKCS#7 is a standard for signing or encrypting (officially called "enveloping") data. Since the certificate is needed to verify signed data, it is possible to include them in the SignedData structure. A .P7C file is a degenerated SignedData structure, without any data to sign.[citation needed] PKCS#12 evolved from the personal information exchange (PFX) standard and is used to exchange public and private objects in a single file.[citation needed]