https://stackoverflow.com/questions/63195304/difference-between-pem-crt-key-files
.key is the private key. This is accessible the key owner and no one else.
.csr is the certificate request. This is a request for a certificate authority to sign the key. (The key itself is not included.)
.crt is the certificate produced by the certificate authority that verifies the authenticity of the key. (The key itself is not included.) This is given to other parties, e.g. HTTPS client.
.pem is a text-based container using base-64 encoding. It could be any of the above files.
-----BEGIN EXAMPLE-----
...
-----END EXAMPLE-----
.p12 is a PKCS12 file, which is a container format usually used to combine the private key and certificate.
There isn't only one extension. For example you may see certificates with either the .crt or a .pem extension.
to combine two pem (for example chain.pem and public.pem)
https://serverfault.com/questions/476576/how-to-combine-various-certificates-into-single-pem
cat first_cert.pem second_cert.pem > combined_cert.pem
note: for public.crt, usually do not need to combine with chain.crt as long as public.crt is signed by a root CA not an intermediate CA, if signed by intermediate CA, may need to combine to PEM to server to browser
No comments:
Post a Comment