SSL Certificate – Key Concept
SSL-certificate
- SSL Certificate Types:
A. Certificate Signing Request.
- A certificate signing request (CSR) is one of the first steps towards getting your own SSL/TLS certificate
- Format: .csr
B. Certificate Formats
An SSL Certificate is essentially an X.509 certificate. X.509 is a standard that defines the structure of the certificate. It defines the data fields that should be included in the SSL certificate. X.509 uses a formal language called Abstract Syntax Notation One (ASN.1) to express the certificate’s data structure.
- PEM Format (use most often): .pem, .crt, .cer, or .key
- PKCS#7 Format: .p7b or .p7c
- DER Format: .der or .cer
- PKCS#12 Format: .pfx or .p12
2. Steps To Generate A Certificate?
- Step1: generate a .csr: using openssl to easy generate:
openssl req -new -newkey rsa:2048 -nodes -keyout domain.com.key -out domain.com.csr
This command will generate 02 files:
domain.com.csr: to fill to the CA request
domain.com.key: a private key, keep it!
- Step2: Fill .csr to a CA
Then we will get a x509 certificate, save it as .cer or .crt as your public key.
- Step3 (Option): Check the public and private key pair: https://help.configuressl.com/ssl-tools/certificate-key-matcher/
- Step4 (Option): Convert .cer or .crt to .pfx cert: https://help.configuressl.com/ssl-tools/ssl-converter/
