[144312] in cryptography@c2.net mail archive
Re: X.509 certificate overview + status
daemon@ATHENA.MIT.EDU (Eric Murray)
Mon Mar 2 14:47:12 2009
Date: Mon, 2 Mar 2009 10:02:47 -0800
From: Eric Murray <ericm@lne.com>
To: cryptography@metzdowd.com
In-Reply-To: <49AC0AC8.7030102@ruhr-uni-bochum.de>
On Mon, Mar 02, 2009 at 05:35:20PM +0100, Marcus Brinkmann wrote:
> Travis wrote:
> > Further, trying to dig into ASN.1 was extremely difficult. The specs
> > are full of obtuse language, using terms like "object" without
> > defining them first. Are there any tools that will dump certificates
> > in human-readable formats? I would really like something that could
> > take a PEM file of a cert and display it in XML or something of the
> > sort.
>
> Ubuntu comes with dumpasn1. There are also quite a few libraries.
openssl will print certs in a more human readable but
slightly less complete format than dumpasn1:
% openssl x509 -text < cert
dumpasn1 does not read PEM, so you need to do
% openssl enc -d -c < cert > cert.der; dumpasn1 cert.der
It's a little old but RFC3280 is the most concise
and easiest to understand description of X.509 et. al.
that I have found.
Eric
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
