There doesn't seem to be any sort of standard naming convention for OpenSSL certificates, so I'd like to know if there's a simple command to get important information about any OpenSSL certificate, regardless of type. I'd like to know at least the certificate type (x509, RSA, DSA) and whether it's a public or private key. Looking at the contents of a certificate I just extracted from a PKCS12 file, neither of these are explicitly shown.
Most CAs (Certificate Authority) provide certificates in PEM format in Base64 ASCII encoded files. The certificate file types can be . pem, . crt, .
Another simple way to view the information in a certificate on a Windows machine is to just double-click the certificate file. You can use this certificate viewer by simply pasting the text of your certificate into the box below and the Certificate Decoder will do the rest.
There are three main types of certificates: domain validated (DV), organization validated (OV), and extended validation (EV). An authentic authority must obtain the certificate so that users won't see this message. Any certificate will provide the same level of protection, no matter the type of validation.
Firstly, you have a few terminology problems:
So, if you're examining a PKCS#12 file (typically .p12 extension), then you already know:
All you don't know is whether those certificate & private key are RSA or DSA. You can check this by extracting the certificate(s), and then examine them:
openssl pkcs12 -in mycert.p12 -clcerts -nokeys -out mycert.crt openssl x509 -in mycert.crt -text
The text output of the openssl x509
command should include a Subject Public Key
section, which will include fields that let you see if it's an RSA or DSA key (along with the key size).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With