X.509
X.509 is an ITU-T standard for a public key infrastructure for creating digital certificates. The standard was last updated as ISO/IEC 9594-8 in May 2017. The standard specifies the following data types: Public-Key Certificate, Attribute Certificate, Certificate Revocation List (CRL) and Attribute Certificate Revocation List (ACRL). In electronic communication, X.509 certificates are used with the TLS versions of various transmission protocols, for example when accessing web pages over the HTTPS protocol, or for signing and encrypting e-mails according to the S/MIME standard.
History
X.509 was first released in 1988. The development of X.509 began in connection with the X.500 standard, which was never fully implemented. X.509 uses a strict hierarchical system of trusted certificate authorities (CAs) that may issue the certificates. This principle is in contrast to the Web-of-Trust model, which forms a graph rather than just a tree and in which anyone can "sign" a certificate and thus attest to its authenticity (see e.g. OpenPGP).
Version 3 of X.509 (X.509v3) includes the flexibility to be extended with profiles. The IETF developed the most important profile, the PKIX Certificate and CRL Profile, or "PKIX" for short, as part of RFC 3280, currently RFC 5280. The term "X.509 certificate" mostly refers to it.
Certificates
In the X.509 system, a digital certificate issued by a certification authority is always bound to a "Distinguished Name" or an "Alternative Name" such as an e-mail address or a DNS entry.
Almost all web browsers contain a preconfigured list of trusted certification authorities whose X.509 certificates the browser trusts. Colloquially, these are often called SSL certificates.
X.509 also contains a standard by means of which the certification authority can invalidate certificates again if their security is no longer assured (e.g. after the private key for signing e-mails has become public). The CA can list these invalid certificates in certificate revocation lists (CRLs). The automatic check of whether a certificate is on a revocation list is not enabled by default in all programs that accept X.509 certificates.
Structure of an X.509 v3 certificate
- Certificate
  - Version
  - Serial number
  - Algorithm ID
  - Issuer
  - Validity
    - from
    - to
  - Certificate holder
  - Certificate holder key information
    - Public key algorithm
    - Public key of the certificate holder
  - Unique ID of the issuer (optional)
  - Unique ID of the owner (optional)
  - Extensions
    - ...
- Certificate signature algorithm
- Certificate signature
Issuer and certificate holder are each characterized by a number of attributes:
- Common name (CN)
- Organization (O)
- Organizational unit (OU)
- Country / Region (C)
- State (ST)
- Locality (L)
The unique IDs of the issuer and the owner were introduced in version 2, extensions in version 3.
Extensions
Extensions have become a very important part of a certificate. Extensions have the following substructure:
- Extension ID
- Flag (critical / non-critical)
- Value
Each extension has a specific ID. The flags are used to introduce a new extension gradually. New extensions are marked as non-critical at the beginning. An implementation that encounters an unknown non-critical extension can ignore it. However, once an extension is set to critical after sufficient testing, a certificate with an unknown critical extension must be considered invalid. Examples of extensions are:
- KeyUsage: Indicates the application for which this certificate was issued. A CA certificate, for example, must have keyCertSign and cRLSign entered here.
- BasicConstraints: Transitive trust is impossible without this extension. Basic constraints are:
  - CA: Indicates whether the certificate belongs to a certification authority. In a certificate chain, every certificate except that of the last instance (of the user / server) must be marked as a CA.
  - PathLen: Indicates the maximum length of the certificate chain.
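The extension rules above can be exercised on a small model of a certificate chain. This is an added example, not part of the original article: the `Cert` and `Ext` classes, the `KNOWN` set, the sample chains and the OID `1.2.3.4.5` are constructed for illustration, PathLen is read as in RFC 5280 (number of CA certificates allowed below the constrained one), and signature and validity checks are left out.

```python
from dataclasses import dataclass, field

# Extensions this sketch understands (assumption; real validators know many more).
KNOWN = {"basicConstraints", "keyUsage", "subjectAltName"}

@dataclass
class Ext:
    ext_id: str
    critical: bool
    value: object = None

@dataclass
class Cert:
    subject: str
    extensions: list = field(default_factory=list)
    def ext(self, ext_id):
        return next((e for e in self.extensions if e.ext_id == ext_id), None)

def check_chain(chain):
    """chain[0] is the end entity, chain[-1] the top CA; returns a list of problems."""
    problems = []
    for depth, cert in enumerate(chain):
        for e in cert.extensions:
            # Unknown and critical: reject. Unknown and non-critical: ignore.
            if e.ext_id not in KNOWN and e.critical:
                problems.append(f"{cert.subject}: unknown critical extension {e.ext_id}")
        if depth == 0:
            continue  # the end entity does not have to be a CA
        bc = cert.ext("basicConstraints")
        if bc is None or not bc.value.get("ca"):
            problems.append(f"{cert.subject}: issues certificates but is not marked CA")
            continue
        ku = cert.ext("keyUsage")
        if ku is not None and "keyCertSign" not in ku.value:
            problems.append(f"{cert.subject}: keyUsage lacks keyCertSign")
        # pathLen read as in RFC 5280: CA certificates allowed below this one.
        path_len = bc.value.get("pathLen")
        if path_len is not None and depth - 1 > path_len:
            problems.append(f"{cert.subject}: pathLen {path_len} exceeded")
    return problems

def ca(name, path_len=None, usage=("keyCertSign", "cRLSign")):
    return Cert(name, [Ext("basicConstraints", True, {"ca": True, "pathLen": path_len}),
                       Ext("keyUsage", True, set(usage))])

# Constructed sample chains, not real certificates.
LEAF = Cert("CN=www.example.test", [Ext("subjectAltName", False, ["www.example.test"])])
GOOD = [LEAF, ca("CN=Issuing CA", 0), ca("CN=Root CA")]
BAD = [Cert("CN=other.example.test", [Ext("1.2.3.4.5", True)]), LEAF, ca("CN=Root CA")]
```

`check_chain(GOOD)` returns an empty list, while `check_chain(BAD)` reports both the unknown critical extension and the end-entity certificate that was used as an issuer without being marked as a CA.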
Filename extensions for certificates
Common file name extensions for X.509 certificates are:
- .CER - DER or Base64 encoded certificate
- .CRT - DER or Base64 encoded certificate
- .CSR - Base64-encoded certification request of the public key (plus further metadata of the owner) to a CA, enclosed by "-----BEGIN CERTIFICATE REQUEST-----" and "-----END CERTIFICATE REQUEST-----"
- .DER - DER-encoded certificate
- .P12 - PKCS #12, can contain public certificates and private keys (password-protected).
- .P7B - see .p7c
- .P7C - PKCS #7-signed data structure without data content, only with certificate(s) or certificate revocation list(s)
- .PEM - Base64-encoded certificate, enclosed by "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----"
- .PFX - see .p12
PKCS #7 is a standard for signing and encrypting data. Since the certificate is needed to verify the signed data, it can be placed in the "SignedData" structure. A .p7c file is the special case of a file that does not contain any data to be signed, but only the "SignedData" structure.
PKCS #12 evolved from the PFX (Personal Information eXchange) standard and is used to exchange public and private keys in a common file.
A .PEM file can contain certificates and/or private keys, which are enclosed by corresponding BEGIN/END lines.
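Since .CER and .CRT files may hold either encoding and a .PEM file may carry private keys next to certificates, the content says more than the file name. The following added example (not part of the original article) lists the BEGIN/END blocks in a file and reports whether a private key is among them; the function names and the sample bytes are constructed for illustration.

```python
import base64
import re

# BEGIN/END marker lines; the label must be identical on both.
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s+(.*?)\s+-----END \1-----", re.S)

def pem_blocks(text):
    """Return [(label, decoded_bytes)] for every BEGIN/END block in text."""
    blocks = []
    for label, body in PEM_RE.findall(text):
        # Legacy encrypted keys put "Name: value" header lines before the Base64.
        b64 = "".join(l.strip() for l in body.splitlines() if ":" not in l)
        blocks.append((label, base64.b64decode(b64, validate=True)))
    return blocks

def describe(data):
    """Identify the encoding of raw file content, whatever the file is called."""
    labels = [label for label, _ in pem_blocks(data.decode("ascii", errors="ignore"))]
    if labels:
        return "PEM", labels
    if data[:1] == b"\x30":  # DER structures start with an ASN.1 SEQUENCE tag
        return "DER", []
    return "unknown", []

def contains_private_key(data):
    """True if the content holds a PEM private key block of any type."""
    return any(label.endswith("PRIVATE KEY") for label in describe(data)[1])

def _armour(label, der):
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

# Constructed placeholder bytes (a tiny ASN.1 SEQUENCE), not a real certificate or key.
FAKE_DER = b"\x30\x03\x02\x01\x00"
SAMPLE_BUNDLE = (_armour("CERTIFICATE", FAKE_DER) + _armour("PRIVATE KEY", FAKE_DER)).encode()

if __name__ == "__main__":
    for name, content in [("bundle.pem", SAMPLE_BUNDLE), ("cert.cer", FAKE_DER)]:
        print(name, describe(content), "private key!" if contains_private_key(content) else "")
```

Running `contains_private_key` over files before they are published or attached to a ticket catches the case where a bundle meant to hold only certificates also includes the key.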
Example of an X.509 certificate
Text representation of a digital certificate based on X.509v3 (version 3). (The structure is based on ASN.1.):
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=AT, ST=Steiermark, L=Graz, O=TrustMe Ltd, OU=Certificate Authority, CN=CA/[email protected]
        Validity
            Not Before: Oct 29 17:39:10 2000 GMT
            Not After : Oct 29 17:39:10 2001 GMT
        Subject: C=AT, ST=Vienna, L=Vienna, O=Home, OU=Web Lab, CN=anywhere.com/[email protected]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:c4:40:4c:6e:14:1b:61:36:84:24:b2:61:c0:b5:
                    d7:e4:7a:a5:4b:94:ef:d9:5e:43:7f:c1:64:80:fd:
                    9f:50:41:6b:70:73:80:48:90:f3:58:bf:f0:4c:b9:
                    90:32:81:59:18:16:3f:19:f4:5f:11:68:36:85:f6:
                    1c:a9:af:fa:a9:a8:7b:44:85:79:b5:f1:20:d3:25:
                    7d:1c:de:68:15:0c:b6:bc:59:46:0a:d8:99:4e:07:
                    50:0a:5d:83:61:d4:db:c9:7d:c3:2e:eb:0a:8f:62:
                    8f:7e:00:e1:37:67:3f:36:d5:04:38:44:44:77:e9:
                    f0:b4:95:f5:f9:34:9f:f8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                email:[email protected]
            Netscape Comment:
                mod_ssl generated test server certificate
            Netscape Cert Type:
                SSL Server
    Signature Algorithm: md5WithRSAEncryption
        12:ed:f7:b3:5e:a0:93:3f:a0:1d:60:cb:47:19:7d:15:59:9b:
        3b:2c:a8:a3:6a:03:43:d0:85:d3:86:86:2f:e3:aa:79:39:e7:
        82:20:ed:f4:11:85:a3:41:5e:5c:8d:36:a2:71:b6:6a:08:f9:
        cc:1e:da:c4:78:05:75:8f:9b:10:f0:15:f0:9e:67:a0:4e:a1:
        4d:3f:16:4c:9b:19:56:6a:f2:af:89:54:52:4a:06:34:42:0d:
        d5:40:25:6b:b0:c0:a2:03:18:cd:d1:07:20:b6:e5:c5:1e:21:
        44:e7:c5:09:d2:d5:94:9d:6c:13:07:2f:3b:7c:4c:64:90:bf:
        ff:8e
Literature
- X.509 Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks
- Patrick Huber: Structure and function of public key infrastructures. GRIN Verlag, Munich 2018, ISBN 978-3-668-80088-5.
Web links
- RFC 2459 (Internet X.509 Public Key Infrastructure Certificate and CRL Profile, obsoleted by RFC 3280)
- RFC 3280 (Internet X.509 Public Key Infrastructure, Certificate and CRL Profile, updated by RFC 4325 and RFC 4630, obsoleted by RFC 5280)
- RFC 5280 (Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile)
Individual evidence
- ISO/IEC 9594-8:2017. Retrieved July 3, 2019.