Buy SSL Certificates for PEAP

Michael Griego mgriego at utdallas.edu
Wed Jun 28 18:27:07 CEST 2006 

By default, OpenSSL uses PEM format, so if you didn't specify a  
certificate format of DER, then its a PEM encoded cert.  If you look  
at the cert in a text viewer/editor, you'll see lines that have "--- 
BEGIN CERTIFICATE---" and "---END CERTIFICATE---" if its PEM encoded.

--Mike

On Jun 28, 2006, at 2:53 AM, VannMann32 . wrote:

> Hi !
>> Are you sure your certificate isn't already in PEM format?
>
> How can I verify which format the certificate is in ?
>
>
> # openssl x509 -in somecertificate.cer  -text
> Certificate:
>    Data:
>        Version: 3 (0x2)
>        Serial Number:
>            69:4c:8a:74:b7:45:cd:7f:cd:47:71:b8:c0:f2:60:6a
>        Signature Algorithm: sha1WithRSAEncryption
>        Issuer: C=ZA, ST=FOR TESTING PURPOSES ONLY, O=Thawte  
> Certification, OU=TEST TEST TEST, CN=Thawte Test CA Root
>        Validity
>            Not Before: Jun 27 20:00:54 2006 GMT
>            Not After : Jul 18 20:00:54 2006 GMT
>        Subject: C=XX, ST=XXXXX, L=XXXXX, O=XXXXXX, OU=XXXXXX,  
> CN=XXXXXXXX
>        Subject Public Key Info:
>            Public Key Algorithm: rsaEncryption
>            RSA Public Key: (1024 bit)
>                Modulus (1024 bit):
>                    00:ce:0c:00:a5:88:d5:f7:f2:b8:c5:7d:f3:9d:0a:
>                    0e:44:28:ee:fc:b0:78:c9:d0:1e:f2:cf:cf:2f:cc:
>                    6f:bc:87:06:f4:eb:aa:a3:3d:8d:d5:d8:60:54:8e:
>                    78:c3:2b:a5:fc:f5:fa:97:ea:d3:17:20:00:07:62:
>                    25:1a:8f:cf:41:9e:ba:59:a7:c3:75:a0:ae:4c:9c:
>                    69:4f:52:c3:7c:51:d7:2e:70:63:1e:d5:79:97:d7:
>                    b3:81:94:d8:4f:cf:f1:5c:9c:ab:c5:e2:f5:82:70:
>                    34:f0:8b:e8:70:a0:ce:27:b4:26:fc:16:b5:6c:64:
>                    fd:f5:99:94:f8:ad:63:a7:41
>                Exponent: 65537 (0x10001)
>        X509v3 extensions:
>            X509v3 Basic Constraints: critical
>                CA:FALSE
>            X509v3 Extended Key Usage:
>                TLS Web Server Authentication, TLS Web Client  
> Authentication
>            X509v3 CRL Distribution Points:
>                URI:http://crl.thawte.com/ThawtePremiumServerCA.crl
>
>            Authority Information Access:
>                OCSP - URI:http://ocsp.thawte.com
>
>
> - List info/subscribe/unsubscribe? See http://www.freeradius.org/ 
> list/users.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6184 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060628/5d9f3187/attachment.bin>

More information about the Freeradius-Users mailing list