Public Key Cryptography - Certificate (or Public Key Certificate)

> Software Security > Cryptography - Key

1 - About

A public key certificate is usually just called a certificate.

It's a concept of the public key model.

It's a signed document which permits to define with certainty the owner of the key (ensures that the party you are communicating with is whom you think.)

Technically, it is a digitally signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key.

The certificate] has no role in the encryption. It's a signed document (by a trusted Certificate Authority (CA)) which, ensures that the party you are communicating with is whom you think.

When you go to a site that uses HTTPS (connection security), the website's server uses a certificate to prove the website's identity to browsers, like Chrome.

Advertising

3 - Usage

4 - Structure

A certificate contains:

Certificates most commonly comes as .cer file which is added into a keyStore or trustStore by using any key management utility e.g. keytool.

The certificate does not contain the private key as it should never be transmitted in any form whatsoever.

Advertising

4.1 - Signature

A certificate is insecure until it is signed, as only a signed certificate cannot be modified. You can sign a certificate using itself, it is called a self signed certificate. All root CA certificates of the chain are self signed. See chain

4.2 - Chain

A certificate can have been signed by another certificate creating a chain (or path)

See Cyrptography - Certificate chain

5 - Location

This section refers to where the certificate is stored.

5.1 - Client

A client certificate are used to identify a client or a user, authenticating the client to the server and establishing precisely who they are.

5.2 - Server

A server certificate authenticates the server and the owner of the site.

Server certificates typically are issued to:

Advertising

6 - Type

6.1 - Domain Validated

Domain Validated certificates are certificates that are checked against domain registry.

There is no identifying organizational information for these certificates and thus should never be used for commercial purposes.

It is the cheapest type of certificate to get, but this is a high risk certificate use on a public website.

Visitors to a website with DV certificates cannot validate, via the certificate, if the business on the site is legitimate and thus often DO NOT trust this type of certificate. It is recommended using these types of certificates where security is not a concern, such as protected internal systems.

Details of the certificate subject: CN = www.domain.com

Example (when the certificate is open with portecle)

If you access this website with the above certificate, you got a warning (Example below in firefox)

6.2 - Organization Validated

Organizational certificates are Trusted. Organizations are strictly authenticated by real agents against business registry databases hosted by governments. Documents may exchange and personnel may be contacted during validation to prove the right of use.

OV certificates therefore contain legitimate business information.

This is the standard type of certificate required on a commercial or public facing website. OV certificates conform to the X.509 RFC standards and thus contain all the necessary information to validate the organization.

Details of the certificate (ie Ldap attributes):

6.3 - Root

Root certificate are the certificate at the root of the chain. (Ie issued by Trusted CA)

7 - Management

7.1 - Check

A certificate check is equivalent to an authentication.

Issued by Trusted CA ?

  • Check if the certificate was was issued by a trusted party (usually a trusted root CA)
  • If the certificate was not issued by a trusted CA, the connecting device (eg. a web browser) will then check to see if the certificate of the issuing CA was issued by a trusted CA (one step above in the chain), and so on until either:
    • a trusted CA is found (at which point a trusted, secure connection will be established)
    • a trusted CA can not be found (at which point the device will usually display an error).

In other words, the top of the chain, the root certificate, must be issued by a trusted certificate authority (CA) in order to have a trusted connection.

Still valid

  • It check that the certificate is still valid

Identity

  • It check that the certificate is related to the site contacted (e.g. For a website, the Common Name contains the hostname).

See openssl verify

7.2 - Version

The Version attribute of a certificate gives the X.509 version number.

7.3 - Installation

The Intermediate Certificate Authority Certificates and Certificate Authority Root Certificates:

  • may need to be installed on the server.
  • are not needed on the client applications or browsers.

7.4 - Get

How to get a certificate for its own usage. To get a certificate from an installed server. See see

Classical use case of openssl is to obtain a valid Certificate for a Secured Web site ( https protocol ).

  • Create a Private Key ( will be created together with Public key ).
  • Create a Certificate signing Request for that private key with some information for purpose of future Certificate.
  • Send that Certificate Request to a Certificate Authority ( CA )
  • The certificate Authority will check the information provided in the certificate request (domain, mail, …)
  • The certificate Authority signs the request, producing a public certificate CA signed. (For well known CA you need to pay)
  • Install your Private key together with the received Certificate on your system (Web Server, …)

7.5 - See

How to see a created certificate:

7.5.1 - Remote

How to get the server certificate (certificate already installed on the server) ?

7.5.1.1 - Openssl

Openssl where s_client implements a generic SSL client.

openssl s_client -connect localhost:port -servername serverName -showcerts

where

Example: Output is split in several pieces

openssl s_client -connect gerardnico.com:443 -servername gerardnico.com -showcerts
Loading 'screen' into random state - done
CONNECTED(000001A4)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify return:1
depth=2 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO ECC Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO ECC Domain Validation Secure Server CA 2
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = sni137003.cloudflaressl.com
verify return:1

where:

Certificate chain output

 0 s:/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni137003.cloudflaressl.com
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
-----BEGIN CERTIFICATE-----
MIIHYjCCBwegAwIBAgIRAMktOmOeS7iRAqRtWc9IHD4wCgYIKoZIzj0EAwIwgZIx
CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTgwNgYDVQQD
Ey9DT01PRE8gRUNDIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0Eg
MjAeFw0xODAyMDEwMDAwMDBaFw0xODA4MTAyMzU5NTlaMGwxITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEhMB8GA1UECxMYUG9zaXRpdmVTU0wgTXVs
dGktRG9tYWluMSQwIgYDVQQDExtzbmkxMzcwMDMuY2xvdWRmbGFyZXNzbC5jb20w
WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARnBErqfdqoeYpPQqLaDaKC+3lB3+E8
qBW2e7BzyaxoeaLzMxsCJbTVld17CK64OOTTc2VftL6ijsmvnZ0RWvcao4IFYTCC
BV0wHwYDVR0jBBgwFoAUQAlhZ/C8g3FP3hIILG/U1Ct2PZYwHQYDVR0OBBYEFBDT
RmnKk0YMmNRRbt+dVuE0KkJ1MA4GA1UdDwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAA
MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBPBgNVHSAESDBGMDoGCysG
AQQBsjEBAgIHMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5j
b20vQ1BTMAgGBmeBDAECATBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLmNv
bW9kb2NhNC5jb20vQ09NT0RPRUNDRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZl
ckNBMi5jcmwwgYgGCCsGAQUFBwEBBHwwejBRBggrBgEFBQcwAoZFaHR0cDovL2Ny
dC5jb21vZG9jYTQuY29tL0NPTU9ET0VDQ0RvbWFpblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQTIuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC5jb21vZG9jYTQu
Y29tMIIDqAYDVR0RBIIDnzCCA5uCG3NuaTEzNzAwMy5jbG91ZGZsYXJlc3NsLmNv
bYISKi5iZWxhamFyYmFoYXNhLnVzggwqLmJ1Y2hiZWUuY2aCDiouYnVjaG1ha2Vy
LmNmghAqLmJ1cm5lb29vbzc3Lm1sghQqLmNsb3Roc2hvZXNwcHRqLmNvbYIMKi5k
aWxsbm90LmNmghEqLmV0aGl4ZGVzaWduLmNvbYISKi5ldXJvLW5hdXRpY2EuY29t
ghwqLmdkdGJvZHl0cmFuc2Zvcm1hdGlvbnMuY29tghAqLmdlcmFyZG5pY28uY29t
ggwqLmdzZzM5NS5jb22CDCouZ3N6NzE1LmNvbYITKi5pcGlja3lvdXJtZWRpYS5j
ZoIMKi5pdHMtMzY1LnJ1gg8qLm5pcmFsbW92aWUubWyCEioub3JnYW5pY2FyZ2Fu
Lm5ldIITKi5wYXVsbWVlaGFuYXJ0LmNvbYILKi5wbHJwZGYuZ3GCESoucHV5ZW5n
LmRvd25sb2FkghAqLnJlYWwtZm9vZHMubmV0ggwqLnJpYm9ueS5vcmeCCyouc2pi
b29rLmdxgg8qLnN0YXJlcGxheS5jb22CESouc3VnZ2VzdC11cmwub3JnghEqLnRh
aXdhbmZmYWlyLmNvbYIMKi50b2xnYXkueHl6gg4qLnR3dHRlbXB0LmNvbYIQYmVs
YWphcmJhaGFzYS51c4IKYnVjaGJlZS5jZoIMYnVjaG1ha2VyLmNmgg5idXJuZW9v
b283Ny5tbIISY2xvdGhzaG9lc3BwdGouY29tggpkaWxsbm90LmNmgg9ldGhpeGRl
c2lnbi5jb22CEGV1cm8tbmF1dGljYS5jb22CGmdkdGJvZHl0cmFuc2Zvcm1hdGlv
bnMuY29tgg5nZXJhcmRuaWNvLmNvbYIKZ3NnMzk1LmNvbYIKZ3N6NzE1LmNvbYIR
aXBpY2t5b3VybWVkaWEuY2aCCml0cy0zNjUucnWCDW5pcmFsbW92aWUubWyCEG9y
Z2FuaWNhcmdhbi5uZXSCEXBhdWxtZWVoYW5hcnQuY29tgglwbHJwZGYuZ3GCD3B1
eWVuZy5kb3dubG9hZIIOcmVhbC1mb29kcy5uZXSCCnJpYm9ueS5vcmeCCXNqYm9v
ay5ncYINc3RhcmVwbGF5LmNvbYIPc3VnZ2VzdC11cmwub3Jngg90YWl3YW5mZmFp
ci5jb22CCnRvbGdheS54eXqCDHR3dHRlbXB0LmNvbTAKBggqhkjOPQQDAgNJADBG
AiEAt0eJnUQu0fj55Jbq1dhjv7zmhJNsTEowx0ApbLFlpiQCIQCtJ5jyklj7Ic65
opXIMhs5N0wzGv7d38VJqSXgFJcWug==
-----END CERTIFICATE-----
 1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
   i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
-----BEGIN CERTIFICATE-----
MIIDnzCCAyWgAwIBAgIQWyXOaQfEJlVm0zkMmalUrTAKBggqhkjOPQQDAzCBhTEL
MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTI1MDAw
MDAwWhcNMjkwOTI0MjM1OTU5WjCBkjELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
T0RPIENBIExpbWl0ZWQxODA2BgNVBAMTL0NPTU9ETyBFQ0MgRG9tYWluIFZhbGlk
YXRpb24gU2VjdXJlIFNlcnZlciBDQSAyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcD
QgAEAjgZgTrJaYRwWQKOqIofMN+83gP8eR06JSxrQSEYgur5PkrkM8wSzypD/A7y
ZADA4SVQgiTNtkk4DyVHkUikraOCAWYwggFiMB8GA1UdIwQYMBaAFHVxpxlIGbyd
nepBR9+UxEh3mdN5MB0GA1UdDgQWBBRACWFn8LyDcU/eEggsb9TUK3Y9ljAOBgNV
HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECATBMBgNV
HR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FQ0ND
ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDByBggrBgEFBQcBAQRmMGQwOwYIKwYB
BQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0FkZFRydXN0
Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC5jb21vZG9jYTQuY29tMAoG
CCqGSM49BAMDA2gAMGUCMQCsaEclgBNPE1bAojcJl1pQxOfttGHLKIoKETKm4nHf
EQGJbwd6IGZrGNC5LkP3Um8CMBKFfI4TZpIEuppFCZRKMGHRSdxv6+ctyYnPHmp8
7IXOMCVZuoFwNLg0f+cB0eLLUg==
-----END CERTIFICATE-----
 2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
   i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
-----BEGIN CERTIFICATE-----
MIID0DCCArigAwIBAgIQQ1ICP/qokB8Tn+P05cFETjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
VQQDEyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MHYwEAYHKoZI
zj0CAQYFK4EEACIDYgAEA0d7L3XJghWF+3XkkRbUq2KZ9T5SCwbOQQB/l+EKJDwd
AQTuPdKNCZcM4HXk+vt3iir1A2BLNosWIxatCXH0SvQoULT+iBxuP2wvLwlZW6Vb
CzOZ4sM9iflqLO+y0wbpo4H+MIH7MB8GA1UdIwQYMBaAFK29mHo0tCb3+sQmVO8D
veAky1QaMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E
BAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAIMAYGBFUdIAAwSQYDVR0f
BEIwQDA+oDygOoY4aHR0cDovL2NybC50cnVzdC1wcm92aWRlci5jb20vQWRkVHJ1
c3RFeHRlcm5hbENBUm9vdC5jcmwwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzAB
hh5odHRwOi8vb2NzcC50cnVzdC1wcm92aWRlci5jb20wDQYJKoZIhvcNAQEMBQAD
ggEBAB3H+i5AtlwFSw+8VTYBWOBTBT1k+6zZpTi4pyE7r5VbvkjI00PUIWxB7Qkt
nHMAcZyuIXN+/46NuY5YkI78jG12yAA6nyCmLX3MF/3NmJYyCRrJZfwE67SaCnjl
lztSjxLCdJcBns/hbWjYk7mcJPuWJ0gBnOqUP3CYQbNzUTcp6PYBerknuCRR2RFo
1KaFpzanpZa6gPim/a5thCCuNXZzQg+HCezF3OeTAyIal+6ailFhp5cmHunudVEI
kAWvL54TnJM/ev/m6+loeYyv4Lb67psSE/5FjNJ80zXrIRKT/mZ1JioVhCb3ZsnL
jbsJQdQYr7GzEPUQyp2aDrV1aug=
-----END CERTIFICATE-----
---
  • Server certificate
Server certificate
subject=/OU=Domain Control Validated/OU=PositiveSSL Multi-Domain/CN=sni137003.cloudflaressl.com
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Domain Validation Secure Server CA 2
---
  • Client certificate
No client certificate CA names sent
Peer signing digest: SHA256
Server Temp Key: ECDH, P-256, 256 bits
---
  • handshake
SSL handshake has read 4298 bytes and written 467 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-ECDSA-AES128-GCM-SHA256
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-ECDSA-AES128-GCM-SHA256
    Session-ID: C03826B6371333E99FF0A681A4E83C1EA22843B87ED884D14FB9896ADCA5C59D
    Session-ID-ctx:
    Master-Key: B68EE858A2B550BCA4CB9AC3E9EE37C20458033573D94F93556FA27E4E59090C50F35F25835527BBD265FB49A15F6669
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 64800 (seconds)
    TLS session ticket:
    0000 - 85 f1 17 c7 b0 5e 0b 66-34 78 48 38 94 56 90 f8   .....^.f4xH8.V..
    0010 - bd 97 75 98 6e 48 14 57-33 9b 78 20 9e 2c 5d 34   ..u.nH.W3.x .,]4
    0020 - 45 c7 c7 0e d2 31 c2 c3-58 7b 75 a9 66 2a 94 1b   E....1..X{u.f*..
    0030 - 44 32 0d a0 ec dd b4 9f-f3 17 61 ff fc 33 81 8b   D2........a..3..
    0040 - 84 22 37 94 43 d7 3f fd-10 7c aa e7 8b b9 fc 9a   ."7.C.?..|......
    0050 - 49 b6 a9 50 9d 8c 92 c6-63 e2 e4 c8 cc 53 b2 cf   I..P....c....S..
    0060 - 1b b9 fb 15 b4 59 f7 d0-7b c8 b0 77 8f 2e 0a c0   .....Y..{..w....
    0070 - 90 77 6b 05 a1 8a b1 b7-da 34 ce 0c 51 be 64 f6   .wk......4..Q.d.
    0080 - 12 8c 4c 57 17 08 4f 5a-c3 67 99 82 c3 94 b7 f0   ..LW..OZ.g......
    0090 - 29 50 f1 d6 c5 9a a2 59-a0 99 90 26 14 a3 6f bf   )P.....Y...&..o.
    00a0 - 1c bc 87 39 ba 75 4f 44-a5 9c ab a8 2c ad 3e 84   ...9.uOD....,.>.

    Start Time: 1517815405
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
7.5.1.2 - Chrome devtool

7.5.1.3 - Firefox

Export certificate from Firefox Browser

  • more info“ > “security” > “show certificate” > “details” > “export..

7.5.2 - Local

7.5.2.1 - openssl local decryption

You may have a certificate in its coded form (pem), to read the details of the certificate just issue the following command:

openssl x509 -in newcert.pem -noout -text
Certificate:                                                                                                                    
    Data:                                                                                                                       
        Version: 1 (0x0)                                                                                                        
        Serial Number:                                                                                                          
            9f:97:73:c5:0e:6f:00:08                                                                                             
    Signature Algorithm: sha256WithRSAEncryption                                                                                
        Issuer: C=NL, ST=Noord-holland, L=Oegstgeest, O=GerardNico, OU=Nerdy, CN=Nico/[email protected]    
        Validity                                                                                                                
            Not Before: Feb 12 22:03:53 2018 GMT                                                                                
            Not After : Feb 12 22:03:53 2019 GMT                                                                                
        Subject: C=NL, ST=Noord-holland, L=Oegstgeest, O=GerardNico, OU=Nerdy, CN=Nico/[email protected]   
        Subject Public Key Info:                                                                                                
            Public Key Algorithm: rsaEncryption                                                                                 
                Public-Key: (1024 bit)                                                                                          
                Modulus:                                                                                                        
                    00:c0:42:e3:1f:ac:4a:d8:cc:f6:fe:0d:0a:ba:3f:                                                               
                    dd:28:f1:6c:d3:5d:3e:e0:90:63:fa:d4:de:dc:1b:                                                               
                    49:1a:f4:be:22:d1:6b:35:e2:97:7a:b7:cd:b4:b2:                                                               
                    be:5d:e9:87:8a:52:05:f1:99:3e:4d:18:be:e6:1e:                                                               
                    45:0a:bb:96:75:90:59:31:e8:28:ca:f4:b3:05:c9:                                                               
                    64:23:90:4e:a1:c6:77:5c:71:a9:9b:5c:72:67:dc:                                                               
                    71:61:7f:6b:3d:b6:e0:a1:50:21:13:da:db:47:94:                                                               
                    ad:8e:72:f0:97:40:d2:2e:6a:22:4a:88:46:cc:0c:                                                               
                    8d:5d:b6:5c:f8:0b:dc:0e:39                                                                                  
                Exponent: 65537 (0x10001)                                                                                       
    Signature Algorithm: sha256WithRSAEncryption                                                                                
         40:0f:cc:9d:d6:b4:40:c7:e4:02:0d:44:ea:aa:0a:a6:b7:cb:                                                                 
         aa:8a:76:4b:b2:d4:82:43:4b:29:80:bc:0b:90:f0:88:87:6f:                                                                 
         bf:47:0c:52:7a:98:a5:e2:94:1e:7c:9b:19:83:78:c9:95:1b:                                                                 
         19:b5:d6:63:1c:f4:11:a9:04:b3:b1:10:a5:81:dd:f9:50:c8:                                                                 
         19:f2:45:f5:21:5c:d0:74:2a:94:6e:83:9e:a6:7d:3b:32:c0:                                                                 
         cf:b1:77:5c:ca:44:0f:96:c8:b4:43:6e:91:f8:35:31:e6:7a:                                                                 
         28:35:d8:32:17:89:42:b3:e2:b9:f1:e6:02:54:47:db:b7:ff:                                                                 
         a7:ab                                                                                                                  
7.5.2.2 - portecle
7.5.2.3 - Others

8 - Documentation / Reference

security/key/certificate.txt · Last modified: 2019/02/09 11:22 by gerardnico