A question I have is that, when a certificate is signed by a ca what actually happens. Does the ca use his private key to hash or something like that?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
A question I have is that, when a certificate is signed by a ca what actually happens. Does the ca use his private key to hash or something like that?
The CA sets the content of the X.509 certificate (see
TBScertificatesequence), including its own Subject DN as the certificate Issuer DN (same for alternative names, if any).Then, it signs the certificate to form the
Certificatesequence: it sets the signature type and fills in the signature which it has produced using its private key. For example, if the signature type is SHA-1 with RSA (quite common), it will produce a SHA-1 hash/digest ofTBScertificateand sign it using its (RSA) private key.