Certificates and CryptoAPI
A version of this page is also available for
4/8/2010
CryptoAPI supports using certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). This documentation assumes the use of an X.509 or comparable digital certificate.
An X.509 standard certificate contains the following information.
| Field | Description |
|---|---|
Version |
Version number of the certificate. |
Serial Number |
Serial number of the certificate. |
Algorithm Identifier |
Signature algorithm used by the certificate signer. |
Issuer Name |
Name of the issuer of the certificate. |
Validity: |
|
Not Before (Date) |
Date before which the certificate is not valid. |
Not After (Date) |
Date after which the certificate is not valid. |
Subject Name |
Name of the person or entity to whom the certificate is being issued. |
Subject Public Key Info: |
|
Algorithm |
Algorithm used for the public key. |
Subject Public Key |
Actual public key (a bit string). |
Optional Fields: |
|
Issuer Unique ID |
If present, version must be version 2. |
Subject Unique ID |
If present, version must be version 2. |
Extensions |
Optional field. Represents additional data that an issuer can want to add to a certificate, such as e-mail address or authorization to issue certificates. |
If extensions are present, version must be version 3. |
|