Certificates and CryptoAPI

CryptoAPI supports using X.509 certificates as defined in IETF RFC 3280. This documentation assumes the use of an X.509 or comparable digital certificate.

An X.509 standard certificate contains the following information.

FieldDescription
VersionVersion number of the certificate.
Serial NumberSerial number of the certificate.
Algorithm IdentifierSignature algorithm used by the certificate signer.
Issuer NameName of the issuer of the certificate.
Not BeforeDate before which the certificate is not valid.
Not After Date after which the certificate is not valid.
Subject NameName of the person or entity to whom the certificate is being issued.
AlgorithmAlgorithm used for the public key.
Subject Public KeyActual public key (a bit string).
Issuer Unique IDOptional Field. If present, version must be version 2.
Subject Unique IDOptional Field. If present, version must be version 2.
ExtensionsOptional field. Represents additional data that an issuer can want to add to a certificate, such as email address or authorization to issue certificates.

If extensions are present, version must be version 3.

 

 

 

Show: