Tuesday, September 9, 2008

Explain the certificate formats

Personal Information Exchange (PKCS #12)

The Personal Information Exchange format (PFX, also called PKCS #12) enables the transfer of certificates and their corresponding private keys from one computer to another or from a computer to removable media.

Because exporting a private key might expose it to unintended parties, the PKCS #12 format is the only format supported in this version of Windows for exporting a certificate and its associated private key.


Cryptographic Message Syntax Standard (PKCS #7)
The PKCS #7 format enables the transfer of a certificate and all the certificates in its certification path from one computer to another, or from a computer to removable media


DER Encoded Binary X.509

DER (Distinguished Encoding Rules) for ASN.1, as defined in ITU-T Recommendation X.509, might be used by certification authorities that are not on computers running Windows Server 2003, so it is supported for interoperability. DER certificate files use the .cer extension.


Base64 Encoded X.509

This is an encoding method developed for use with Secure/Multipurpose Internet Mail Extensions (S/MIME), which is a popular, standard method for transferring binary attachments over the Internet.

Because all MIME-compliant clients can decode Base64 files, this format might be used by certification authorities that are not on computers running Windows Server 2003, so it is supported for interoperability. Base64 certificate files use the .cer extension.


IIS7 document

No comments: