Friday, July 30, 2021

X.509 Certificate Format | Purpose of X.509 Certificate

 

X.509 Certificate

X.509 provides authentication services and defines authentication protocols. X.509 uses the X.500 directory, which contains public-key certificates and the public keys of users, signed by a certification authority (CA).

X.509 certificate format is used in S/MIME, IP Security, and SSL/TLS. X.509 is based on the use of public-key cryptography (preferably RSA) and digital signatures.



Figure: X.509 Certificate Format

Version: Differentiates among successive versions of the certificate format; the default is version 1. Two other versions (2 and 3) are also available as shown in the figure.

Serial number: An integer value, unique within the issuing CA, different for each certificate.

Signature algorithm identifier: The algorithm used to sign the certificate, together with any associated parameters, for example sha256RSA.

Issuer name: X.500 name of the CA that created and signed this certificate.

Period of validity: Consists of two dates: the first and last on which the certificate is valid.

Subject name: The name of the user to whom this certificate refers.

Subject's public-key information: The public key of the subject, plus an identifier of the algorithm for which this key is to be used, together with any associated parameters.

Issuer unique identifier: An optional bit string field used to identify uniquely the issuing CA in the event the X.500 name has been reused for different entities.

Subject unique identifier: An optional bit string field used to identify uniquely the subject in the event the X.500 name has been reused for different entities.

Extensions: A set of one or more extension fields.

Signature: Covers all of the other fields of the certificate; it contains the hash code of the other fields, encrypted with the CA's private key. This field includes the signature algorithm identifier.
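The fields above appear in this order inside the DER encoding of a certificate. As an added example (not part of the original post), the standard-library Python below walks that structure and extracts each field. The function names are illustrative, and `sample_certificate` builds a constructed certificate whose names, key and signature are placeholder bytes, so its signature does not verify.

```python
def tlv(tag, body):  # DER-encode one element; used only to build the constructed sample
    n = len(body)
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x80 | len(ln)]) + ln) + body

def read_tlv(buf, pos=0):  # returns (tag, contents, next_pos)
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:  # long form: low 7 bits give the number of length bytes
        n, pos = int.from_bytes(buf[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
    if pos + n > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + n], pos + n

def children(body):  # split a constructed element into (tag, contents) pairs
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        out.append((tag, val))
    return out

def name_text(body):  # X.500 Name = SEQUENCE of SET of SEQUENCE {type OID, value}
    return ", ".join(children(a)[1][1].decode() for _, rdn in children(body) for _, a in children(rdn))

def parse_certificate(der):
    tbs, _outer_alg, signature = children(read_tlv(der)[1])
    f = children(tbs[1])
    # [0] EXPLICIT INTEGER 0/1/2 means v1/v2/v3; the element is omitted for v1
    version = children(f.pop(0)[1])[0][1][0] + 1 if f[0][0] == 0xA0 else 1
    serial, alg, issuer, validity, subject, spki = (v for _, v in f[:6])
    optional = {0x81: "issuer_unique_id", 0x82: "subject_unique_id", 0xA3: "extensions"}
    return {"version": version, "serial": int.from_bytes(serial, "big", signed=True),
            "sig_alg_oid": children(alg)[0][1].hex(),
            "issuer": name_text(issuer), "subject": name_text(subject),
            "validity": [v.decode() for _, v in children(validity)],
            "key_alg_oid": children(children(spki)[0][1])[0][1].hex(),
            "optional_present": [optional[t] for t, _ in f[6:] if t in optional],
            "signature_len": len(signature[1]) - 1}  # BIT STRING starts with an unused-bits byte

def sample_certificate(version=2, extra=b""):  # constructed; key/signature are placeholder bytes
    alg = lambda oid: tlv(0x30, tlv(0x06, bytes.fromhex(oid)) + tlv(0x05, b""))
    name = lambda cn: tlv(0x30, tlv(0x31, tlv(0x30, tlv(0x06, b"\x55\x04\x03") + tlv(0x0C, cn.encode()))))
    validity = tlv(0x30, tlv(0x17, b"210730000000Z") + tlv(0x17, b"220730000000Z"))
    spki = tlv(0x30, alg("2a864886f70d010101") + tlv(0x03, b"\x00" + b"\x11" * 16))  # rsaEncryption
    sig_alg = alg("2a864886f70d01010b")  # sha256WithRSAEncryption
    ver = tlv(0xA0, tlv(0x02, bytes([version]))) if version else b""
    tbs = tlv(0x30, ver + tlv(0x02, b"\x05") + sig_alg + name("Example CA") + validity
              + name("alice.example") + spki + extra)
    return tlv(0x30, tbs + sig_alg + tlv(0x03, b"\x00" + b"\xAA" * 128))
```

Calling `parse_certificate(sample_certificate())` returns a dictionary keyed by the field names used in the list above; a buffer cut short raises `ValueError` instead of returning partial fields.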


Purpose of X.509 Certificate:

The main purpose of digital certificates (SSL/TLS certificates) is to identify people and resources over networks such as the Internet, and also to provide secure, confidential communication between two parties using encryption.


Summary of X.509 Certificate:

To learn more about the X.509 certificate format, watch the video below.

Video: X.509 Certificate Format
