📅  最后修改于: 2023-12-03 15:05:21.914000             🧑  作者: Mango
SSL(Secure Sockets Layer)是一种加密协议,用于在计算机网络上保护数据传输的安全。它的 SSL 完整格式由以下组成:
SSL证书的第一行通常是由三个由斜线分隔的项组成,它们分别是版本号、序列号和签名算法。
-----BEGIN CERTIFICATE-----
Version: 3 (0x2)
Serial Number:
27:cd:d7:57:69:94:0d:1c:33
:a2:46:a1:6f:28:bc:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US
Validity
证书主体是一些有关服务器和颁发机构的基本信息,包括颁发机构名称、证书序列号、有效期、证书持有者信息等等。
Validity
Not Before: Jan 10 19:17:39 2019 GMT
Not After : Apr 10 19:17:39 2019 GMT
Subject: CN=myexamplewebsite.com
OU=Technology Department
O=My Example Webiste, Inc
L=Seattle
S=Washington
C=US
公钥是 SSL 证书中用于加密数据的组成部分。SSL 证书中的公钥通常以非常长的字符串的形式表示。例如:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ba:ac:f6:1c:3c:26:47:de:3f:49:c8:a3:47:
0f:d0:23:ad:a7:28:b2:8d:ad:81:21:58:12:9d:
43:4b:9d:1a:85:1c:61:ac:00:de:6b:51:f4:55:
3d:95:b4:b6:dc:63:27:aa:10:3a:5a:ae:42:38:
87:74:e8:27:38:04:84:28:2c:4e:9f:fb:03:1f:
89:2a:64:5d:f7:2d:51:e8:4c:54:e3:4e:a4:83:
ca:b5:f1:a8:bd:e4:be:72:7a:2d:54:0e:06:6e:
ed:05:24:e2:26:3a:4f:46:f9:db:79:8f:7f:73:
3a:43:c5:02:25:98:17:b9:ad:b6:df:4f:e8:c9:
ae:e3:bc:36:5d:6d:19:31:76:7b:01:2c:93:1e:
49:ca:1d:35:ef:96:8e:04:10:9b:db:48:b7:22:
c3:cb:b3:70:98:7e:10:3c:70:5a:f5:d9:ee:cd:
47:4f:7d:20:53:2c:a7:9d:f5:5f:14:cc:52:93:
eb:31:7f:af:17:14:81:05:90:f3:77:5c:8c:11:
41:f5:df:e7:8d:3c:f3:b4:b4:ff:0e:f6:95:8f:
98:ee:95:54:35:fa:cd:3b:9c:1d:21:dc:d8:df:
06:dd:e8:3c:75:2a:4f:c0:0b:40:5c:95:09:94:
b3:21:13:60:9b:08:cf:6a:d4:08:e9:ca:1e:4a:
27
Exponent: 65537 (0x10001)
SSL 证书中的数字签名用于验证证书颁发机构的身份并确保 SSL 证书的完整性。数字签名通常由颁发机构使用其私钥计算得出。以下是一个签名示例:
Signature Algorithm: sha256WithRSAEncryption
93:1e:7b:a4:9f:e5:47:35:1c:cb:b5:fd:4d:5b:09:
91:d6:8e:fb:bb:8f:65:31:2e:4a:64:92:0f:6b:2b:
12:13:18:91:08:51:69:31:0d:7e:95:3c:42:cc:54:
4c:2c:28:5a:89:48:29:47:52:5f:a3:37:54:b0:a2:
cc:2d:cf:60:1a:8d:7c:2d:7f:bb:8b:83:8d:e4:f5:
f3:70:31:ae:05:98:7c:eb:61:28:80:18:ff:2e:f1:
06:76:18:b9:ab:45:a6:58:fe:c8:87:a4:2d:d3:f8:
0e:29:43:e3:15:e9:25:d8:76:22:e1:25:cb:1c:de:
73:54:10:dd:f2:3e:1d:35:61:aa:f4:9c:b3:c0:03:
44:7c:a5:e4:ba:e6:3b:71:b3:e9:45:ad:2a:82:55:
aa:0b:77:da:70:56:69:8b:81:29:f3:08:f4:b1:20:
a4:c9:9c:ba:90:67:3f:2d:31:2c:32:b9:f6:f7:15:
ce:fb:39:72:42:f1:4b:f7:e5:ff:3d:3c:04:62:f6:
cd:b5:3f:9c:8d:21:7d:84:f6:b7:15:f0:25:0a:fc:
15:e9:2a:81:33:eb:4b:30:ae:93:11:1f:32:09:a3:
0a:d9:61:6a:5d:31:ec:dd:63:22:25:31:94:d9:1d:
3d:ef:2f:74
总结,SSL完整格式包括证书版本和序列号、证书颁发机构、证书所有者、证书公钥、数字签名等信息。这些信息可以帮助开发者建立安全的网络传输。