PKCS ♯12
| Filename extension | .p12, .pfx |
|---|---|
| Developed by | RSA Security |
| Initial release | 1996 |
| Latest release | PKCS #12 v1.0 / 24 June 1999 Technical Corrigendum 1 / 25 February 2000 |
| Type of format | Archive file format |
| Container for | X.509 public key certificates, X.509 private keys, X.509 CRLs, generic data |
| Extended from | Microsoft PFX file format |
In cryptography, PKCS #12 defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust.[1]
A PKCS #12 file may be encrypted and signed. The internal storage containers, called "SafeBag"s, may also be encrypted and signed. A few SafeBags are predefined to store certificates, private keys and CRLs. Another SafeBag is provided to store any other data at individual implementer's choice. [2][3]
PKCS #12 is one of the family of standards called Public-Key Cryptography Standards (PKCS) published by RSA Laboratories.
The filename extension for PKCS #12 files is ".p12" or ".pfx".[4]
These files can be created, parsed and read out with the OpenSSL pkcs12 command.[5]
Relationship to PFX file format [edit]
Actually PKCS #12 is the successor to Microsoft's "PFX".[6] But confusingly the terms "PKCS #12 file" and "PFX file" are sometimes used interchangeably.[4] [5] [7]
Microsoft's "PFX" has received heavy criticism of being one of the most complex cryptographic protocols.[7]
References [edit]
- ^ http://help.globalscape.com/help/secureserver3/Generating_a_PKCS_12_private_key_public_certificate.htm
- ^ "PKCS #12: Personal Information Exchange Syntax Standard". RSA Laboratories. Retrieved 2013-03-14. "This standard specifies a portable format for storing or transporting a user's private keys, certificates, miscellaneous secrets, etc."
- ^ "PKCS 12 v1.0: Personal Information Exchange Syntax". RSA Laboratories. 1999-06-24. Retrieved 2013-03-14.
- ^ a b Michel I. Gallant (March 2004). "PKCS #12 File Types: Portable Protected Keys in .NET". Microsoft Corporation. Retrieved 2013-03-14. "All Windows operating systems define the extensions .pfx and .p12 as Personal Information Exchange, or PKCS #12, file types."
- ^ a b "OpenSSL: Documents, pkcs12(1)". OpenSSL Project. 2013-01-17. Retrieved 2013-03-14. "The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed."
- ^ Peter Gutmann (August 2002). "Lessons Learned in Implementing and Deploying Crypto Software". The USENIX Association. Retrieved 2013-03-14. "In 1996 Microsoft introduced a new storage format [...] called PFX (Personal Information Exchange) [...] it was later re-released in a cleaned-up form as PKCS #12"
- ^ a b Peter Gutmann (1998-03-12). "PFX - How Not to Design a Crypto Protocol/Standard". Retrieved 2013-03-14.
External links [edit]
|
|||||||
|
||||||||||
 |
This cryptography-related article is a stub. You can help Wikipedia by expanding it. |
