创建公钥 - 私钥对和证书时,通常我们会看到证书如下所示:
-----BEGIN CERTIFICATE-----
XXX
XXX
...
XXX
-----END CERTIFICATE-----
如果我理解正确,证书应该包含很多信息,如发行人,时间,算法,公钥等。
有人能告诉我浏览器如何解码此证书吗?
答案 0 :(得分:2)
大多数编程语言都有执行此操作的功能,或者您可以使用OpenSSL命令行实用程序。
例如,在PHP中,您可以使用openssl_x509_parse()函数
这是获取证书信息的list of OpenSSL commands。大多数编程语言都允许您调用openssl等系统命令。
以下是删除页面时的链接信息:
# Using the -text option will give you the full breadth of information.
openssl x509 -text -in cert.pem
# who issued the cert?
openssl x509 -noout -in cert.pem -issuer
# to whom was it issued?
openssl x509 -noout -in cert.pem -subject
# for what dates is it valid?
openssl x509 -noout -in cert.pem -dates
# the above, all at once
openssl x509 -noout -in cert.pem -issuer -subject -dates
# what is its hash value?
openssl x509 -noout -in cert.pem -hash
# what is its MD5 fingerprint?
openssl x509 -noout -in cert.pem -fingerprint
以下是在PayPal API公钥上运行时-text完整信息选项的输出:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=CA, L=Mountain View, O=PayPal Inc., OU=live_certs, CN=live_api/emailAddress=re@paypal.com
Validity
Not Before: Feb 13 10:13:15 2004 GMT
Not After : Feb 13 10:13:15 2035 GMT
Subject: C=US, ST=CA, L=Mountain View, O=PayPal Inc., OU=live_certs, CN=live_api/emailAddress=re@paypal.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c1:47:4e:dd:fc:44:cc:4b:5c:9c:8e:d9:29:92:
f8:d7:65:ef:64:fb:a0:a2:78:bb:8b:b0:fb:a6:b0:
9e:d0:0b:5a:1d:37:3d:ec:26:20:9b:b3:6c:02:d2:
72:c4:d2:e2:c6:68:4b:57:ca:72:20:46:a2:1d:75:
80:87:c7:cf:29:6f:91:d3:5e:fe:12:65:eb:af:d1:
1a:aa:e3:e6:b1:5b:d3:cb:00:00:13:53:cc:34:e2:
aa:a3:69:25:e0:6c:62:cf:dc:d9:a8:86:a3:3a:6d:
5f:64:65:9c:19:2d:1f:e4:94:36:90:1a:8d:6e:f6:
e0:db:f6:5a:f8:62:7f:ab:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9F:7C:BB:C6:6F:17:BD:59:3F:52:D7:0A:1B:EC:10:D6:64:94:6B
X509v3 Authority Key Identifier:
keyid:96:9F:7C:BB:C6:6F:17:BD:59:3F:52:D7:0A:1B:EC:10:D6:64:94:6B
DirName:/C=US/ST=CA/L=Mountain View/O=PayPal Inc./OU=live_certs/CN=live_api/emailAddress=re@paypal.com
serial:00
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
81:5f:3a:56:9a:80:5a:e5:ef:5f:a3:ab:a3:8a:89:d6:d6:15:
21:3e:43:81:6a:44:eb:dd:80:83:8d:b6:1f:bc:91:22:bf:fd:
8f:f8:8a:1b:84:e1:89:af:ce:7e:5c:78:4d:d2:fe:20:52:41:
03:23:ca:f6:fe:b3:64:d6:6d:06:03:c1:ca:75:db:d3:8f:21:
b0:fd:7a:97:6b:e2:d2:4e:50:d8:92:a2:3c:3b:04:7c:18:46:
23:e1:e7:c4:b5:c4:69:45:80:71:57:c2:b1:01:6f:77:60:35:
b3:14:6b:eb:b8:a9:e7:2d:b0:c0:17:a5:51:e7:0f:dc:08:c9:
f9:87
-----BEGIN CERTIFICATE-----
MIIDgzCCAuygAwIBAgIBADANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQ
YXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9h
cGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20wHhcNMDQwMjEzMTAxMzE1
WhcNMzUwMjEzMTAxMzE1WjCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYw
FAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEG
A1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0B
CQEWDXJlQHBheXBhbC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMFH
Tt38RMxLXJyO2SmS+Ndl72T7oKJ4u4uw+6awntALWh03PewmIJuzbALScsTS4sZo
S1fKciBGoh11gIfHzylvkdNe/hJl66/RGqrj5rFb08sAABNTzDTiqqNpJeBsYs/c
2aiGozptX2RlnBktH+SUNpAajW724Nv2Wvhif6sFAgMBAAGjge4wgeswHQYDVR0O
BBYEFJaffLvGbxe9WT9S1wob7BDWZJRrMIG7BgNVHSMEgbMwgbCAFJaffLvGbxe9
WT9S1wob7BDWZJRroYGUpIGRMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0Ex
FjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMw
EQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3
DQEJARYNcmVAcGF5cGFsLmNvbYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
BQUAA4GBAIFfOlaagFrl71+jq6OKidbWFSE+Q4FqROvdgIONth+8kSK//Y/4ihuE
4Ymvzn5ceE3S/iBSQQMjyvb+s2TWbQYDwcp129OPIbD9epdr4tJOUNiSojw7BHwY
RiPh58S1xGlFgHFXwrEBb3dgNbMUa+u4qectsMAXpVHnD9wIyfmH
-----END CERTIFICATE-----
答案 1 :(得分:0)
回答我自己的问题:它只是一个Base64编码。