X.509 Certificates
Main reference: RFC5280
Also refer to my repository openssl cert commands to see example codes for generating X.509 certificates, with various combinations of CAs and CSRs
Contents of a certificate
See the section 4.1 for a list of all fields in a X.509 certificate.
The important fields (from algorithmic POV) are:
- signatureAlgorithm and signatureValue
- subjectPublicKeyInfo
Along with that, a certificate may contains extensions, like Key usage.
Algorithm support
Main reference: RFC3279
Above reference contains which key usage extension is expected for each algorithm.
About static DH key support
In theory, “DH key exchange” certificates are possible but they aren’t used (almost at all)
See why dh can’t be used for signing? and static dh with openssl
Even openssl doesn’t directly support DH keys (without using -force_pubkey ).
Today many systems have moved to TLS 1.3 (which remove static keys altogether) or use TLS 1.2 with ephemeral keys.
Key usage extension
The Key usage extension determines for what purposes the public key of the subject can be used. Key usage restricts the use to some applications. But if this extension is absent, the key can be used without any restrictions.
e.g. RSA keys can (in theory) be used for key encipherment and for authentication (signature). If RSA public key is present in the certificate, we can restrict its usage with this extension.
Structure of Key usage extension is as follow:
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1), -- recent editions of X.509 have
-- renamed this bit to contentCommitment
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }In a Certificate Requests, the subject can also request for specific KeyUsage extensions.
The Certificate Authority (CA) has the final say on which KeyUsage to allow.