certs   548

« earlier    

DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them | https://support.ssl.com/
Microsofty things use the '.cer' extension (which is interchangeable with '.crt'), and are often DER-encoded. PEM-encoded certs are "ASCII (Base64) armored data" prefixed with a "-----BEGIN CERTIFICATE-----" line.

Here's how to "cat" a DER-encoded certificate:
<code class="language-bash">
openssl x509 -in certificate.der -inform der -text -noout
</code>

And here's how to convert one in that format to the format expected on a Debian GNU/Linux system:
<code class="language-bash">
openssl x509 -in cert.crt -inform der -outform pem -out cert.crt
</code>

NB: the '.crt' extension seems to be important, otherwise 'sudo update-ca-certificates' doesn't pick up on new ones that you've added to /usr/local/share/ca-certificates.
ssl  certs  cacert  certificates  openssl  sysadmin  webmaster  crypto  fuckina  solution  importexport  conversion 
26 days ago by kme
openssl - how to extract issuer certificate from other certificate - Stack Overflow | https://stackoverflow.com/
This might work *if* the certificate embeds a URL for the issuer. This wasn't the case for my organization.
openssl  ssl  ca  certs  issuer  commandline  sysadmin  networking  sortof  solution 
4 weeks ago by kme
blog.filippo.io
mkcert: valid HTTPS certificates for localhost
mkcert  https  security  webdev  certs  localhost  development  moblog 
6 weeks ago by dougalcampbell

« earlier    

related tags

&  -  3scale  @twitter  agile  all  and  authority  aws  before-dawn  best  browser  ca  cacert  cacerts  cert  certbot  certificate  certificates  certification  check  chrome  chromium  cisco  code  commandline  comodo  comptia  conversion  create  credentials  crypto  cryptography  csr  curl  d8  dammitbrain  debugging  der  details  development  distrusts  docker  docs  documents  domain  domains  door  dos  drive  drupal  ec2  eff  electron  email  encryption  enumeration  ev  everything-you-should-know-about-certificates-and-pki-but-are-too-afraid-to-ask  expired  favs  finder  firefox  free  fuckina  github  gitlab-runner  gitlab  golang  google  government  hn  hstp  https  importexport  info  infosec  insecure  intermediate  issuer  its  jdk  jruby  juniper  lando  leaves  lets-encrypt  letsencrypt  linux  local  localdev  localhost  mail  microsoft  mitm  mkcert  moblog  myths  neha  networking  ngs  nightly  nsa  nss-tools  open  openbsd  openssl  ops  outliving  ownership  pem  pki  privacy  programming  py  python  rapidssl  reference  registry  root  sec511  security  server  service  shutdown  sign  signing  singh  sites  so  solution  sortof  sql  sqlserver  ssl  stack  stackoverflow  subdomain  symantec  sysadmin  thycotic  tip  tips  tls  to  tools  top  tricks  tweets  u.s.  valid  virtualization  vvv  warning  webdev  webdevel  webmaster  wildcard  windows  x509 

Copy this bookmark:



description:


tags: