PKI¶
links: SPA TOC - Certificates and PKI - Index
This topic was already handled in AC2 - Public Key Infrastructure. This document adds some redundancy but summarizes the talking points discussed in the module SPA.
PKI Components¶
- Certificate Authority (CA)
- Registration Authority (RA)
- Validation Authority (VA)
- End Entity (EE)
- Repository
PKI Architecture¶
Certificate Request (PKCS#10)¶
openssl req -in newreq.pem -text
Certificate Request:
Data:
Version: 1 (0x0)
Subject: C = CH, ST = Bern, L = Bern, O = BFH, OU = Informatics, CN = client01.n025.nslab.ch
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a1:cb:f0:ef:cf:aa:dc:86:f5:
...
Exponent: 65537 (0x10001)
Attributes:
(none)
Requested Extensions:
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
11:81:c3:64:19:22:bf:bb:10:5b:
...
How a certificate is created¶
links: SPA TOC - Certificates and PKI - Index