previous |
start |
next
Site Certificates
An X.509 certificate consists of the following fields:
- version
- serial number
- signature algorithm ID
- issuer name
- validity period
- subject (user) name
- subject public-key information
- issuer unique identifier (version 2 and 3 only)
- subject unique identifier (version 2 and 3 only)
- extensions (version 3 only)
- signature on the above fields
This certificate is signed by the issuer to authenticate the
binding between the subject (user's) name and the subject's public
key. The major difference between versions 2 and 3 is the addition
of the extensions field. This field grants more flexibility as it
can convey additional information beyond just the key and name
binding. Standard extensions include subject and issuer attributes,
certification policy information, and key usage restrictions, among
others.
previous |
start |
next