Certificates and CryptoAPI
CryptoAPI supports using certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). This documentation assumes the use of an X.509 or comparable digital certificate.
An X.509 standard certificate contains the following information.
| Field | Description |
|---|---|
|
Version |
Version number of the certificate. |
|
Serial Number |
Serial number of the certificate. |
|
Algorithm Identifier |
Signature algorithm used by the certificate signer. |
|
Issuer Name |
Name of the issuer of the certificate. |
|
Validity: |
|
|
Not Before (Date) |
Date before which the certificate is not valid. |
|
Not After (Date) |
Date after which the certificate is not valid. |
|
Subject Name |
Name of the person or entity to whom the certificate is being issued. |
|
Subject Public Key Info: |
|
|
Algorithm |
Algorithm used for the public key. |
|
Subject Public Key |
Actual public key (a bit string). |
|
Optional Fields: |
|
|
Issuer Unique ID |
If present, version must be version 2. |
|
Subject Unique ID |
If present, version must be version 2. |
|
Extensions |
Optional field. Represents additional data that an issuer can want to add to a certificate, such as e-mail address or authorization to issue certificates. |
|
If extensions are present, version must be version 3. |
|