Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95 (0x5f)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=, O=, CN=
Validity
Not Before: Apr 22 16:42:11 2008 GMT
Not After : Apr 22 16:42:11 2009 GMT
Subject: C=, O=, CN=, L=, ST=
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
...
...
...
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage: critical
Code Signing
X509v3 Authority Key Identifier:
keyid: ...
Signature Algorithm: sha1WithRSAEncryption
a9:55:56:9b:9e:60:7a:57:fd:7:6b:1e:c0:79:1c:50:62:8f:
...
...
-----BEGIN CERTIFICATE-----
...
...
...
-----END CERTIFICATE-----
In This Certificate,
Which is the public key? is Modulus?
what does the Signature Algorithm, a9:55:56:… represent (is it message digest)? And what is between —–BEGIN CERTIFICATE—– & —–END CERTIFICATE—–, is That the whole certificate?
As I am novice, little bit confusing between the message digest and public key?
Thanks in Advance-opensid
An RSA public key consists of a modulus and exponent pair, which is shown in the “RSA Public Key” stanza. So that is the raw public key.
An x509 certificate is also signed by the certification authority- so the data in the “Signature Algorithm” stanza is that signature, an RSA-encrypted SHA1 digest of the preceding “Data:” section.
The base64-encoded data between “BEGIN CERTIFICATE” and “END CERTIFICATE” is the x509 certificate in machine-readable form (all the textual data above is for human consumption). When processing a PEM-format file such as this, only the data between the “BEGIN” and “END” lines is actually read.