Partager via


Certificates and CryptoAPI

A version of this page is also available for

Windows Embedded CE 6.0 R3

4/8/2010

CryptoAPI supports using certificates as defined in the ITU-T recommendation X.509 (also, ISO/IEC 9594-8). This documentation assumes the use of an X.509 or comparable digital certificate.

An X.509 standard certificate contains the following information.

Field Description

Version

Version number of the certificate.

Serial Number

Serial number of the certificate.

Algorithm Identifier

Signature algorithm used by the certificate signer.

Issuer Name

Name of the issuer of the certificate.

Validity:

 

Not Before (Date)

Date before which the certificate is not valid.

Not After (Date)

Date after which the certificate is not valid.

Subject Name

Name of the person or entity to whom the certificate is being issued.

Subject Public Key Info:

 

Algorithm

Algorithm used for the public key.

Subject Public Key

Actual public key (a bit string).

Optional Fields:

 

Issuer Unique ID

If present, version must be version 2.

Subject Unique ID

If present, version must be version 2.

Extensions

Optional field. Represents additional data that an issuer can want to add to a certificate, such as e-mail address or authorization to issue certificates.

If extensions are present, version must be version 3.

 

See Also

Other Resources

Cryptography
Certificates