Table of Contents
A Certificate embeds a public key belonging to an entity. It certifies the public key and all the information via digitally signature of another entity (the issuer, e.g. - a person, company, etc.), saying that the embedded public key (and some other information) belongs to the declared entity (the subject) and has some specific value. That is why it is also called a Public Key Certificate. The certificate is usually signed by a trusted Certification Authority (CA) or it can be self signed.
CERTivity can handle X.509 certificates types, both version 1 and 3.
In order to open a standalone existing certificate, click on Menu File > Open > Open Certificate. After the certificate
file (with .cer or .crt extension) is selected, it will be opened in a new tab which is named
after the certificate's file name. There is drag and drop support for certificate files on
Microsoft Windows and Linux platforms.
Most recently used certificates can be found using Menu File > Open Recent File. A
simple click on the desired certificate in the menu, will open the
certificate in a new tab. If the certificate has been already opened, the
certificate's tab will be activated.
If the file opened using Menu File >
Open > Open Certificate or Menu File > Open Recent File
contains more than one certificate, then in the left part of the new tab
opened these certificates will be displayed in a tree view reflecting
their hierarchy. When a certificate is selected in the tree view, the
information associated with it will be displayed in the right part of the
window.
The following certificate details will be displayed:
Format;
Version;
Serial Number;
Validation date period;
Public Key;
Signature Algorithm;
Subject/Issuer;
Common Name (CN);
Organization Unit (OU);
Organization Name (O);
Locality Name (L);
State Name (ST);
Country (C);
Email (E);
Trust Status;
MD5 Fingerprint;
SHA1 FingerPrint.
In the certificate window details the following actions are available:
Test on Custom Protocol - which will open a new window for testing the certificate against a raw TCP/IP connection with the possibility to send text requests;
Get Revocation Status - which will open a dialog to check the revocation status;
View Associated CRL - which will open a new tab to view the entire Certificate Revocation List associated to the certificate in case one is available in the certificate extension;
Open public key - which will complete the window with details about the public key (algorithm, key size, modulus, public exponent, ASN.1);
PEM - which will open a new window containing the PEM representation of the certificate;
ASN.1 - which will open a new window containing the ASN.1 representation of the certificate.
Display more certificate fingerprints - which will expand the list of certificate fingerprints by adding to the list the fingerprints of a certificate in the following hashes: MD2, MD4, RIPEMD-128, RIPEMD-160, RIPEMD-256, SHA-224, SHA-256, SHA-384 and SHA-512.
Display less certificate fingerprints - which will collapse the list of certificate fingerprints by removing from the list the fingerprints of a certificate in the following hashes: MD2, MD4, RIPEMD-128, RIPEMD-160, RIPEMD-256, SHA-224, SHA-256, SHA-384 and SHA-512.
The details above, the actions and the display format are mostly the same when a Certificate is visualized from a KeyStore tab, either as a KeyStore entry or as a Key Pair entry sub-component, only that the information will appear in the Details Panel and depending on the resolution it might be scrollable and the Public Key Details will not be visible from the beginning in the view from KeyStore, but rather after opening it.
Note
You can use certificates examples provided in the distribution kit
in doc/samples/certificate folder, to test the certificates
features.