秘密鍵、CSR、サーバ証明書の中身を見てみる

※すごくざっくりと記載します。

RSA秘密鍵

[root@localhost conf]# openssl rsa -text < server.key
Private-Key: (2048 bit)
modulus:
00:d3:ae:4e:e8:e9:8a:16:1c:59:53:e2:27:5a:dc:
24:d7:b7:b3:84:3a:a5:c1:ac:f0:18:f6:45:66:bf:
8d:5e:39:ba:e7:d7:1a:ad:70:01:6c:02:47:e2:68:
5e:2f:de:fc:4d:a6:a4:ab:99:be:93:77:e7:fa:2f:
77:b3:3e:44:0f:4d:db:2d:1d:a8:b4:73:90:3f:01:
a1:99:a0:5d:1f:75:a0:b9:0a:8c:bc:56:b5:3a:ba:
7d:5b:a3:9d:b3:39:39:9f:9c:e3:1e:8a:0b:bc:a3:
c7:92:79:51:64:6a:0c:0a:26:ed:4a:94:dc:a3:0a:
16:11:80:c7:28:0b:ad:1a:2b:9c:4a:35:6d:8f:1a:
d3:ff:e9:44:bf:98:a3:9c:7a:d5:7b:1d:3b:10:f0:
2a:4d:eb:ab:a1:2f:8b:0f:5c:0f:d5:b5:4e:c3:39:
51:91:62:c8:77:b6:4c:6a:a5:76:61:91:99:10:e0:
24:c0:14:fe:f7:74:01:90:89:2f:a9:40:ee:ef:2a:
6c:dd:f8:cd:54:ff:c3:c4:96:29:d5:30:22:02:22:
21:f6:82:13:72:37:8b:87:66:e2:ee:1d:e9:8b:da:
be:39:23:e3:c5:13:18:0d:ec:e2:21:b7:a1:6d:0e:
52:0c:76:e8:d7:ee:d2:58:52:79:0b:d2:ca:1b:ce:
30:59
publicExponent: 65537 (0x10001)
privateExponent:
00:ce:d8:7d:73:4b:02:0c:29:17:80:c8:74:fc:6c:
31:f4:39:25:ca:08:25:00:e4:24:99:bf:cc:81:62:
9c:99:7e:80:0d:1c:3c:8d:4d:ed:95:c5:84:c8:d0:
83:78:f3:c4:47:7c:97:5c:b7:97:6a:32:b9:13:d8:
5e:77:60:58:d1:3b:9a:f8:b3:0a:af:8a:5d:61:b4:
0e:5d:38:3e:c7:07:02:4e:ce:e8:47:01:d3:85:d7:
c5:b7:4e:62:43:47:9f:ef:40:37:0f:18:85:ef:87:
7a:f4:be:67:b2:5f:8d:f4:3d:a5:92:43:74:76:3c:
dc:e3:ad:9a:ee:9e:ba:3f:de:a5:f6:c6:65:bc:cd:
9b:f2:1f:4b:6b:5a:0b:ab:4f:ea:e5:cc:0b:14:a4:
fa:b5:c2:07:04:09:ac:f0:dc:e2:2f:1c:bf:6b:e7:
a5:1a:70:92:f4:42:44:01:c3:ae:5c:9d:7e:8e:18:
7f:1f:69:c6:5b:55:b3:a9:fe:4e:08:4c:61:41:72:
d9:b0:1e:eb:86:0a:2f:03:f6:b6:e3:ee:a6:1b:39:
fd:01:77:30:51:12:87:1a:d7:b9:a8:66:2e:8d:c7:
27:95:74:68:ab:4c:da:db:f9:40:dc:9c:d5:fa:1f:
b8:82:4e:89:31:2b:a1:b9:ff:4a:4d:22:3d:a8:65:
94:01
prime1:
00:f5:a8:63:49:6b:f1:56:86:52:8d:78:26:c9:35:
d0:fb:99:f9:28:5a:24:66:30:eb:e2:14:7c:10:14:
04:6c:0f:4b:e9:2a:26:37:30:94:77:e7:42:3c:69:
43:82:90:af:b5:0c:3e:4a:5d:21:94:34:7e:e6:47:
c5:30:38:94:ef:e6:3e:9a:76:d6:7a:5d:3a:1a:61:
66:41:4b:9a:75:46:3d:63:fe:36:2d:18:4c:6a:3b:
9e:51:96:8a:58:db:71:51:cd:3d:8a:43:fd:ad:cd:
41:c8:fa:01:81:e6:ed:84:ef:4d:f7:86:3c:33:fa:
d0:80:41:ff:1f:d5:01:62:49
prime2:
00:dc:97:ba:cf:48:15:ea:56:03:95:f2:01:18:73:
eb:bc:b0:da:f6:99:d2:63:75:6f:db:b0:a4:d4:63:
45:24:a3:76:3a:09:df:32:08:f7:52:d0:c6:ba:d3:
96:a7:ab:9c:39:bd:fd:ff:a4:c3:1a:a9:c5:e0:48:
47:2e:02:34:08:72:16:47:5f:b6:58:52:17:c4:21:
51:40:89:2d:c3:76:d9:2a:14:9d:2f:95:9d:21:4e:
79:76:93:07:25:28:0e:e6:0e:16:22:a0:b0:96:e4:
b5:99:b0:fa:94:fd:9d:5a:54:5c:7a:fe:87:c9:29:
fb:dc:c9:c6:d4:7a:c9:5d:91
exponent1:
00:98:b2:a7:ac:be:d5:10:04:84:91:fd:4a:96:ad:
c6:0e:6f:02:2a:2c:06:0e:23:80:ac:52:31:5f:c9:
21:8a:8d:e3:90:b6:ab:74:88:d4:f0:c7:26:2b:e8:
fe:96:cd:1a:fa:fd:f6:46:41:27:9b:39:1a:5c:47:
e6:71:77:ea:54:48:99:47:68:71:1f:34:8d:e6:51:
fe:be:bd:a0:f0:1e:ce:10:36:b7:34:46:b3:51:21:
67:e2:ad:21:a7:e4:17:c7:52:3d:5b:91:b1:c0:f4:
22:5d:2b:d1:fe:0e:2e:3c:00:88:45:41:02:71:09:
09:cb:7f:ba:76:ed:ef:63:49
exponent2:
26:14:27:12:3a:fe:55:7a:4d:9a:27:b1:5a:b8:3f:
fc:4d:87:2e:c4:74:d5:e8:62:cb:c8:9d:5b:70:5b:
72:2c:a9:6e:f1:5f:4e:f2:cf:46:c3:75:5a:b0:c5:
b3:e1:e2:d0:f0:e4:14:aa:2b:67:c1:e0:bf:8b:9a:
85:ed:a9:6f:bf:c9:ea:be:31:ea:e3:18:e9:29:5b:
2e:49:bf:d5:9b:01:77:cb:21:2b:22:a7:82:25:5a:
c0:46:37:18:89:e6:b0:7d:c4:02:6c:3c:af:7f:81:
7d:ab:58:46:39:d5:5c:cf:6d:3b:6a:0e:a4:82:13:
d1:14:1f:b7:74:0e:a8:91
coefficient:
00:ec:46:cb:b2:21:21:7f:ed:1f:a2:0b:24:8f:7b:
77:2f:f6:3f:3f:dd:c1:2e:5e:d2:5c:f3:ba:8c:f5:
4e:e4:cc:2a:e2:d0:80:01:fa:ee:09:fa:c1:ec:ef:
bb:1e:f4:f2:8f:a3:5b:dc:a7:b4:1b:c6:ee:c4:b0:
1c:ec:e6:c0:be:ea:6d:d1:72:43:f7:45:79:dd:94:
62:a1:c2:ed:64:17:c4:48:24:a8:b8:c8:e7:f7:a3:
0f:f5:01:3e:9a:df:29:ba:c8:28:11:00:a2:bf:ba:
f0:c8:78:b4:31:76:3f:c0:98:d6:ac:f3:a9:72:74:
59:d7:ca:c0:8a:f7:ba:c4:86
writing RSA key
—–BEGIN RSA PRIVATE KEY—–
MIIEpQIBAAKCAQEA065O6OmKFhxZU+InWtwk17ezhDqlwazwGPZFZr+NXjm659ca
rXABbAJH4mheL978Taakq5m+k3fn+i93sz5ED03bLR2otHOQPwGhmaBdH3WguQqM
vFa1Orp9W6Odszk5n5zjHooLvKPHknlRZGoMCibtSpTcowoWEYDHKAutGiucSjVt
jxrT/+lEv5ijnHrVex07EPAqTeuroS+LD1wP1bVOwzlRkWLId7ZMaqV2YZGZEOAk
wBT+93QBkIkvqUDu7yps3fjNVP/DxJYp1TAiAiIh9oITcjeLh2bi7h3pi9q+OSPj
xRMYDeziIbehbQ5SDHbo1+7SWFJ5C9LKG84wWQIDAQABAoIBAQDO2H1zSwIMKReA
yHT8bDH0OSXKCCUA5CSZv8yBYpyZfoANHDyNTe2VxYTI0IN488RHfJdct5dqMrkT
2F53YFjRO5r4swqvil1htA5dOD7HBwJOzuhHAdOF18W3TmJDR5/vQDcPGIXvh3r0
vmeyX430PaWSQ3R2PNzjrZrunro/3qX2xmW8zZvyH0trWgurT+rlzAsUpPq1wgcE
Cazw3OIvHL9r56UacJL0QkQBw65cnX6OGH8facZbVbOp/k4ITGFBctmwHuuGCi8D
9rbj7qYbOf0BdzBREoca17moZi6NxyeVdGirTNrb+UDcnNX6H7iCTokxK6G5/0pN
Ij2oZZQBAoGBAPWoY0lr8VaGUo14Jsk10PuZ+ShaJGYw6+IUfBAUBGwPS+kqJjcw
lHfnQjxpQ4KQr7UMPkpdIZQ0fuZHxTA4lO/mPpp21npdOhphZkFLmnVGPWP+Ni0Y
TGo7nlGWiljbcVHNPYpD/a3NQcj6AYHm7YTvTfeGPDP60IBB/x/VAWJJAoGBANyX
us9IFepWA5XyARhz67yw2vaZ0mN1b9uwpNRjRSSjdjoJ3zII91LQxrrTlqernDm9
/f+kwxqpxeBIRy4CNAhyFkdftlhSF8QhUUCJLcN22SoUnS+VnSFOeXaTByUoDuYO
FiKgsJbktZmw+pT9nVpUXHr+h8kp+9zJxtR6yV2RAoGBAJiyp6y+1RAEhJH9Spat
xg5vAiosBg4jgKxSMV/JIYqN45C2q3SI1PDHJivo/pbNGvr99kZBJ5s5GlxH5nF3
6lRImUdocR80jeZR/r69oPAezhA2tzRGs1EhZ+KtIafkF8dSPVuRscD0Il0r0f4O
LjwAiEVBAnEJCct/unbt72NJAoGAJhQnEjr+VXpNmiexWrg//E2HLsR01ehiy8id
W3BbciypbvFfTvLPRsN1WrDFs+Hi0PDkFKorZ8Hgv4uahe2pb7/J6r4x6uMY6Slb
Lkm/1ZsBd8shKyKngiVawEY3GInmsH3EAmw8r3+BfatYRjnVXM9tO2oOpIIT0RQf
t3QOqJECgYEA7EbLsiEhf+0fogskj3t3L/Y/P93BLl7SXPO6jPVO5Mwq4tCAAfru
CfrB7O+7HvTyj6Nb3Ke0G8buxLAc7ObAvupt0XJD90V53ZRiocLtZBfESCSouMjn
96MP9QE+mt8pusgoEQCiv7rwyHi0MXY/wJjWrPOpcnRZ18rAive6xIY=
—–END RSA PRIVATE KEY—–

modules

秘密鍵と公開鍵の数式で共通する値です。

publicExponent

公開鍵の基となる値です。

modules と publicExponent で公開鍵としての計算が可能です。

privateExponent

秘密鍵の基となる値です。

modules と privateExponent で秘密鍵としての計算が可能です。

BEGIN/END RSA PRIVATE KEY

実際の秘密鍵です。

PEM と呼ばれるフォーマットで記載され、Base64 でエンコードされています。

秘密鍵をファイルとして開くとただの英数字の羅列にしか見えませんが、実際には上記のような情報が意味のあるデータとして記載されています。

CSR(証明書署名要求)

[root@localhost conf]# openssl req -text < server.csr
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=JP, ST=Okinawa, L=Naha, O=TURNING POINT Co.,Ltd., CN=turninp.jp/emailAddress=information@turninp.jp
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d3:ae:4e:e8:e9:8a:16:1c:59:53:e2:27:5a:dc:
24:d7:b7:b3:84:3a:a5:c1:ac:f0:18:f6:45:66:bf:
8d:5e:39:ba:e7:d7:1a:ad:70:01:6c:02:47:e2:68:
5e:2f:de:fc:4d:a6:a4:ab:99:be:93:77:e7:fa:2f:
77:b3:3e:44:0f:4d:db:2d:1d:a8:b4:73:90:3f:01:
a1:99:a0:5d:1f:75:a0:b9:0a:8c:bc:56:b5:3a:ba:
7d:5b:a3:9d:b3:39:39:9f:9c:e3:1e:8a:0b:bc:a3:
c7:92:79:51:64:6a:0c:0a:26:ed:4a:94:dc:a3:0a:
16:11:80:c7:28:0b:ad:1a:2b:9c:4a:35:6d:8f:1a:
d3:ff:e9:44:bf:98:a3:9c:7a:d5:7b:1d:3b:10:f0:
2a:4d:eb:ab:a1:2f:8b:0f:5c:0f:d5:b5:4e:c3:39:
51:91:62:c8:77:b6:4c:6a:a5:76:61:91:99:10:e0:
24:c0:14:fe:f7:74:01:90:89:2f:a9:40:ee:ef:2a:
6c:dd:f8:cd:54:ff:c3:c4:96:29:d5:30:22:02:22:
21:f6:82:13:72:37:8b:87:66:e2:ee:1d:e9:8b:da:
be:39:23:e3:c5:13:18:0d:ec:e2:21:b7:a1:6d:0e:
52:0c:76:e8:d7:ee:d2:58:52:79:0b:d2:ca:1b:ce:
30:59
Exponent: 65537 (0x10001)
Attributes:
challengePassword :P@ssw0rd
Signature Algorithm: sha256WithRSAEncryption
69:91:c2:a4:ed:9b:b3:05:b8:30:28:e6:d7:d0:69:7c:75:58:
5b:82:84:a6:1a:25:e4:e2:63:f3:d8:3e:8f:4b:8d:6e:ae:46:
2c:31:4c:08:ff:08:5f:9e:4b:86:86:67:25:b1:f6:50:ee:c7:
cb:0c:4d:0d:84:68:6f:4c:e7:98:58:45:72:86:b3:91:75:4e:
78:f5:b1:78:96:4f:1c:b5:9a:26:3f:34:31:36:0a:9a:5e:76:
91:3c:c4:95:85:71:ba:0b:c5:d7:7c:14:f8:21:8a:96:6c:a8:
73:95:52:e2:d5:a0:67:99:39:99:db:dd:8f:23:e3:70:30:de:
4e:a8:c3:45:87:28:c6:6c:36:71:c5:f5:86:0c:de:d7:6f:b3:
af:03:32:3f:99:d9:be:2f:49:c7:bd:24:64:aa:43:9d:56:24:
a3:ea:92:fc:a9:f6:e0:03:78:6d:30:98:2a:4f:3e:1d:6a:95:
e6:41:c9:d3:0e:c6:b1:e3:71:dc:4f:60:c1:6e:8d:30:82:ca:
6b:ec:75:d3:ec:db:88:0a:22:a4:4a:97:30:05:37:2d:77:a6:
51:f4:22:34:c1:95:1f:23:45:24:0a:a2:fb:c7:5e:80:a9:ac:
3c:5c:88:be:15:f3:a0:a8:a1:cc:65:ec:05:23:98:93:d1:43:
8a:13:da:00
—–BEGIN CERTIFICATE REQUEST—–
MIIC6TCCAdECAQAwgYoxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdPa2luYXdhMQ8w
DQYDVQQHDAZLYWRlbmExHDAaBgNVBAoME0xPVkUgTElWRSEgQ28uLEx0ZC4xEzAR
BgNVBAMMCnR1cm5pbnAuanAxJTAjBgkqhkiG9w0BCQEWFmluZm9ybWF0aW9uQHR1
cm5pbnAuanAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTrk7o6YoW
HFlT4ida3CTXt7OEOqXBrPAY9kVmv41eObrn1xqtcAFsAkfiaF4v3vxNpqSrmb6T
d+f6L3ezPkQPTdstHai0c5A/AaGZoF0fdaC5Coy8VrU6un1bo52zOTmfnOMeigu8
o8eSeVFkagwKJu1KlNyjChYRgMcoC60aK5xKNW2PGtP/6US/mKOcetV7HTsQ8CpN
66uhL4sPXA/VtU7DOVGRYsh3tkxqpXZhkZkQ4CTAFP73dAGQiS+pQO7vKmzd+M1U
/8PElinVMCICIiH2ghNyN4uHZuLuHemL2r45I+PFExgN7OIht6FtDlIMdujX7tJY
UnkL0sobzjBZAgMBAAGgGTAXBgkqhkiG9w0BCQcxCgwIUEBzc3cwcmQwDQYJKoZI
hvcNAQELBQADggEBAGmRwqTtm7MFuDAo5tfQaXx1WFuChKYaJeTiY/PYPo9LjW6u
RiwxTAj/CF+eS4aGZyWx9lDux8sMTQ2EaG9M55hYRXKGs5F1Tnj1sXiWTxy1miY/
NDE2CppedpE8xJWFcboLxdd8FPghipZsqHOVUuLVoGeZOZnb3Y8j43Aw3k6ow0WH
KMZsNnHF9YYM3tdvs68DMj+Z2b4vSce9JGSqQ51WJKPqkvyp9uADeG0wmCpPPh1q
leZBydMOxrHjcdxPYMFujTCCymvsddPs24gKIqRKlzAFNy13plH0IjTBlR8jRSQK
ovvHXoCprDxciL4V86Coocxl7AUjmJPRQ4oT2gA=
—–END CERTIFICATE REQUEST—–

Subject

証明してほしいサーバの情報です。

modules

秘密鍵と公開鍵の数式で共通する値です。

秘密鍵ファイルの modules と同じ値であることが分かると思います。

Exponent

公開鍵の基となる値です。

publicExponent ではなく Exponent になっているのは、いわずもがな秘密鍵を CSR に含めることは無いからです。

Signature Algorithm

被証明者の署名です。

この例ではサーバ情報や公開鍵情報などが含まれたメッセージから sha256 を使用してハッシュ値を生成し、作成されたハッシュ値を自分の秘密鍵で暗号化したという意味です。

この署名を認証局が公開鍵を用いてハッシュに復号し、メッセージから認証局側で作成したハッシュ値と比べることで、メッセージが改ざんされていないこと、 署名要求書に記載されている公開鍵と対になっている秘密鍵を使用していることを確認することになります。

Signature Algorithm の下の16進数が実際の署名の部分です。

BEGIN / END CERTIFICATE REQUEST

実際の CSR の中身です。

上記から、CSR には公開鍵と被証明者の情報、被証明者の署名が含まれています。

サーバ証明書

[root@localhost conf]# openssl x509 -text < server.crt
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
b9:0b:a2:7a:ae:93:8f:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=JP, ST=Okinawa, L=Naha, O=TURNING POINT Co.,Ltd., CN=turninp.jp/emailAddress=information@turninp.jp
Validity
Not Before: Feb 8 01:14:15 2020 GMT
Not After : Mar 9 01:14:15 2020 GMT
Subject: C=JP, ST=Okinawa, L=Naha, O=TURNING POINT Co.,Ltd., CN=turninp.jp/emailAddress=information@turninp.jp
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d3:ae:4e:e8:e9:8a:16:1c:59:53:e2:27:5a:dc:
24:d7:b7:b3:84:3a:a5:c1:ac:f0:18:f6:45:66:bf:
8d:5e:39:ba:e7:d7:1a:ad:70:01:6c:02:47:e2:68:
5e:2f:de:fc:4d:a6:a4:ab:99:be:93:77:e7:fa:2f:
77:b3:3e:44:0f:4d:db:2d:1d:a8:b4:73:90:3f:01:
a1:99:a0:5d:1f:75:a0:b9:0a:8c:bc:56:b5:3a:ba:
7d:5b:a3:9d:b3:39:39:9f:9c:e3:1e:8a:0b:bc:a3:
c7:92:79:51:64:6a:0c:0a:26:ed:4a:94:dc:a3:0a:
16:11:80:c7:28:0b:ad:1a:2b:9c:4a:35:6d:8f:1a:
d3:ff:e9:44:bf:98:a3:9c:7a:d5:7b:1d:3b:10:f0:
2a:4d:eb:ab:a1:2f:8b:0f:5c:0f:d5:b5:4e:c3:39:
51:91:62:c8:77:b6:4c:6a:a5:76:61:91:99:10:e0:
24:c0:14:fe:f7:74:01:90:89:2f:a9:40:ee:ef:2a:
6c:dd:f8:cd:54:ff:c3:c4:96:29:d5:30:22:02:22:
21:f6:82:13:72:37:8b:87:66:e2:ee:1d:e9:8b:da:
be:39:23:e3:c5:13:18:0d:ec:e2:21:b7:a1:6d:0e:
52:0c:76:e8:d7:ee:d2:58:52:79:0b:d2:ca:1b:ce:
30:59
Exponent: 65537 (0x10001)
Signature Algorithm: sha256WithRSAEncryption
15:08:09:5d:40:00:0d:23:b1:84:cb:f5:03:1b:03:99:e8:b4:
a8:bd:5b:4a:45:80:0f:0b:12:ca:04:29:c0:12:40:58:a8:ea:
00:97:10:14:0a:94:04:90:53:85:38:a1:b4:75:42:b0:0d:f0:
a9:05:a5:61:af:c3:5c:23:fa:2c:1b:4f:3c:7e:6d:55:27:92:
a4:d1:e8:8c:f2:b4:f3:6f:4d:a8:ab:c0:b3:82:c3:a3:a8:b3:
e2:4a:2e:3b:30:71:e1:57:98:95:de:bb:c5:21:65:2d:f2:b8:
6c:f4:e9:8d:16:32:58:55:a0:41:de:e7:cd:a5:07:9a:1a:a6:
ba:55:38:d7:51:30:b3:c1:88:88:30:0f:58:7e:6a:07:5b:b5:
09:26:3c:e3:d8:4d:7a:01:78:77:d5:c8:00:0f:31:64:b8:b4:
07:48:a3:45:4e:3d:0d:ee:ce:46:5b:55:d6:8e:3e:ec:57:0d:
a2:7e:2d:a9:c6:fb:68:94:65:7d:d1:dc:8e:8c:20:14:2c:d2:
49:c6:9b:7c:be:3b:56:5b:33:64:c8:52:3f:25:08:53:18:58:
69:9a:16:d0:ea:c5:be:bb:25:91:6b:e6:fb:c8:35:64:0a:b9:
99:82:33:35:3e:42:a2:83:f6:16:dc:26:99:cb:1e:36:b1:39:
83:58:76:11
—–BEGIN CERTIFICATE—–
MIIDkjCCAnoCCQC5C6J6rpOPqzANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMC
SlAxEDAOBgNVBAgMB09raW5hd2ExDzANBgNVBAcMBkthZGVuYTEcMBoGA1UECgwT
TE9WRSBMSVZFISBDby4sTHRkLjETMBEGA1UEAwwKdHVybmlucC5qcDElMCMGCSqG
SIb3DQEJARYWaW5mb3JtYXRpb25AdHVybmlucC5qcDAeFw0yMDAyMDgwMTE0MTVa
Fw0yMDAzMDkwMTE0MTVaMIGKMQswCQYDVQQGEwJKUDEQMA4GA1UECAwHT2tpbmF3
YTEPMA0GA1UEBwwGS2FkZW5hMRwwGgYDVQQKDBNMT1ZFIExJVkUhIENvLixMdGQu
MRMwEQYDVQQDDAp0dXJuaW5wLmpwMSUwIwYJKoZIhvcNAQkBFhZpbmZvcm1hdGlv
bkB0dXJuaW5wLmpwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA065O
6OmKFhxZU+InWtwk17ezhDqlwazwGPZFZr+NXjm659carXABbAJH4mheL978Taak
q5m+k3fn+i93sz5ED03bLR2otHOQPwGhmaBdH3WguQqMvFa1Orp9W6Odszk5n5zj
HooLvKPHknlRZGoMCibtSpTcowoWEYDHKAutGiucSjVtjxrT/+lEv5ijnHrVex07
EPAqTeuroS+LD1wP1bVOwzlRkWLId7ZMaqV2YZGZEOAkwBT+93QBkIkvqUDu7yps
3fjNVP/DxJYp1TAiAiIh9oITcjeLh2bi7h3pi9q+OSPjxRMYDeziIbehbQ5SDHbo
1+7SWFJ5C9LKG84wWQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAVCAldQAANI7GE
y/UDGwOZ6LSovVtKRYAPCxLKBCnAEkBYqOoAlxAUCpQEkFOFOKG0dUKwDfCpBaVh
r8NcI/osG088fm1VJ5Kk0eiM8rTzb02oq8CzgsOjqLPiSi47MHHhV5iV3rvFIWUt
8rhs9OmNFjJYVaBB3ufNpQeaGqa6VTjXUTCzwYiIMA9YfmoHW7UJJjzj2E16AXh3
1cgADzFkuLQHSKNFTj0N7s5GW1XWjj7sVw2ifi2pxvtolGV90dyOjCAULNJJxpt8
vjtWWzNkyFI/JQhTGFhpmhbQ6sW+uyWRa+b7yDVkCrmZgjM1PkKig/YW3CaZyx42
sTmDWHYR
—–END CERTIFICATE—–

Issuer

この証明書の認証者です。

Not Before / Not Affter

証明書の有効期限です。

Subject

認証されたサーバが記載されています。

上記例は自己証明書の為 Issuer と同じになっています。

Modules & Exponent

CSR と同じです。つまり公開鍵です。

Signature Algorithm

CSR の Signature Algorithm と値が異なります。

CSR は被証明者が Signature Algorithm で署名していましたが、ここで署名しているのは認証局です。

証明書の内容は CSR の内容と異なるので、認証局が署名した結果別の値になっています。

BEGIN / END CERTIFICATE

実際の証明書です。

パブリック認証局で証明書を発行した際にはこの部分がテキストとして送られてきます。

コメントを残す

メールアドレスが公開されることはありません。 が付いている欄は必須項目です

日本語が含まれない投稿は無視されますのでご注意ください。(スパム対策)