B.3. Standard X.509 v3 Certificate Extension Reference
0x2(which corresponds to version 3).
Example B.4. Sample Pretty-Print Certificate Extensions
Certificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption Issuer: "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE" Validity: Not Before: Fri Feb 22 19:06:56 2019 Not After : Tue Feb 22 19:06:56 2039 Subject: "CN=CA Signing Certificate,OU=pki-tomcat,O=EXAMPLE" Subject Public Key Info: Public Key Algorithm: PKCS #1 RSA Encryption RSA Public Key: Modulus: dd:6d:ad:02:10:43:12:ad:ec:6c:10:82:b3:bc:ec:6d: 4b:e9:46:bc:a3:19:63:15:86:cf:6d:62:43:92:6b:a6: 3d:72:54:4b:4f:d5:ad:a9:1d:76:8d:1c:e9:15:24:10: a1:03:1e:1b:14:5e:08:0a:0f:5b:02:aa:e9:3f:85:e1: d4:a6:01:1e:58:ab:7b:f2:67:32:f4:95:3d:35:9c:76: 3a:cb:3b:ef:e3:7d:32:04:bb:35:46:68:bd:21:0c:16: b6:63:aa:e7:bb:cd:0f:55:66:21:09:e6:a6:f7:4c:fd: af:c8:a6:d1:98:03:aa:89:b8:76:e7:dd:df:2b:23:c5: b3:06:16:1d:4a:13:8b:0b:56:0c:d5:a2:9a:22:5e:7d: 08:af:e4:bf:a0:f6:28:ee:ae:0f:2c:b2:4d:2a:09:5b: 6f:32:2e:05:3a:3b:92:5d:d6:1d:69:95:09:0d:f4:b8: 52:ac:48:0f:a8:4f:0a:22:1b:01:4c:d2:79:89:e0:bc: cd:1c:84:f8:88:e6:92:16:ed:08:ad:6d:9c:17:8d:70: 92:bd:18:74:1a:31:5f:9b:f7:eb:f7:6e:f8:9a:e6:37: fe:7a:c6:07:9b:8a:6c:e8:5b:77:7c:37:e0:66:39:72: 62:5d:5d:d0:65:a2:d9:b0:7f:d3:ba:ed:4b:42:89:47 Exponent: 65537 (0x10001) Signed Extensions: Name: Certificate Authority Key Identifier Key ID: 88:fb:c7:45:a8:b8:e9:74:ab:71:a2:ab:ce:4e:26:b9: a5:97:dc:05 Name: Certificate Basic Constraints Critical: True Data: Is a CA with no maximum path length. Name: Certificate Key Usage Critical: True Usages: Digital Signature Non-Repudiation Certificate Signing CRL Signing Name: Certificate Subject Key ID Data: 88:fb:c7:45:a8:b8:e9:74:ab:71:a2:ab:ce:4e:26:b9: a5:97:dc:05 Name: Authority Information Access Method: PKIX Online Certificate Status Protocol Location: URI: "http://localhost.localdomain:8080/ca/ocsp" Signature Algorithm: PKCS #1 SHA-256 With RSA Encryption Signature: 6b:ed:d8:2b:de:40:a4:14:dd:e8:ce:52:2d:40:0a:f1: 88:57:36:3b:7f:c4:e8:77:2b:95:e9:60:fd:57:9b:c2: 2d:17:a2:67:4e:c0:23:00:7a:2c:ef:5f:12:13:05:cc: 9e:d7:4f:70:55:68:88:eb:29:34:94:cd:59:a6:92:31: c6:36:74:dd:e5:a2:1f:b1:9e:6d:f0:41:95:c2:7f:4c: 38:46:62:d9:f3:27:f4:a3:a7:f3:a2:ba:1c:e5:77:4a: d3:2d:50:10:47:03:2e:4f:f2:ef:75:92:36:d8:99:6d: f6:ef:f5:ee:17:70:c2:e0:c1:a1:26:fa:00:e2:ec:35: d5:11:4d:df:66:8d:3c:84:fa:72:ff:47:a5:95:08:c2: 80:e6:19:60:ab:51:d6:f1:aa:ac:72:77:d0:01:97:1f: 13:f0:c9:55:09:4d:d9:62:5b:bc:4a:21:5a:af:77:cb: 4e:cf:48:aa:3d:fc:f6:5e:c8:e2:e0:e3:58:58:40:39: 2b:9c:15:d3:65:62:d0:96:1b:35:3f:6e:35:96:ae:36: c2:6c:2b:46:e8:a3:d3:52:21:f0:47:5a:73:5e:1a:b0: 99:2f:5d:1b:bc:a1:81:65:68:16:08:e8:3e:2f:5e:32: 79:ca:8e:25:e5:78:a1:fc:cd:c0:b3:aa:83:02:18:43 Fingerprint (SHA-256): 2B:2F:05:59:12:F7:A4:6D:DE:22:43:82:59:EC:9F:45:AD:6C:1E:0A:63:6B:79:57:B1:34:3E:1B:BA:D2:13:AC Fingerprint (SHA1): E1:87:42:85:AF:07:6C:B2:5F:07:CB:50:4D:49:17:AB:43:99:31:F7 Mozilla-CA-Policy: false (attribute missing) Certificate Trust Flags: SSL Flags: Valid CA Trusted CA Trusted Client CA Email Flags: Valid CA Trusted CA Object Signing Flags:
Netscape Certificate Commentis 2.16.840.1.113730.1.13. The OID assigned to this extension is hierarchical and includes the former Netscape company arc,
2.16.840.1. The OID definition entry is http://www.alvestrand.no/objectid/2.16.840.1.113730.1.13.html.
cAcomponent should be set to
truefor all CA certificates. PKIX recommends that this extension should not appear in end-entity certificates.
pathLenConstraintcomponent is present, its value must be greater than the number of CA certificates that have been processed so far, starting with the end-entity certificate and moving up the chain. If
pathLenConstraintis omitted, then all of the higher level CA certificates in the chain must not include this component when the extension is present.
PKIX Part 1 requires that this extension be marked critical. This extension is evaluated regardless of its criticality.
This extension may be critical or noncritical.
DistributionPointNamewith a type set to URI, the URI is assumed to be a pointer to the current CRL for the specified revocation reasons and will be issued by the named
cRLIssuer. The expected values for the URI are those defined for the Subject Alternative Name extension. If the
distributionPointomits reasons, the CRL must include revocations for all reasons. If the
cRLIssuer, the CRL must be issued by the CA that issued the certificate.
PKIX recommends that this extension be marked noncritical and that it be supported for all certificates.
OCSP Signingin an OCSP responder's certificate unless the CA signing key that signed the certificates validated by the responder is also the OCSP signing key. The OCSP responder's certificate must be issued directly by the CA that signs certificates the responder will validate.
If this extension is marked critical, the certificate must be used for one of the indicated purposes only. If it is not marked critical, it is treated as an advisory field that may be used to identify keys but does not restrict the use of the certificate to the indicated purposes.
Table B.36. PKIX Extended Key Usage Extension Uses
|OCSP Signing|| |
[a] OCSP Signing is not defined in PKIX Part 1, but in RFC 2560, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP.
Table B.37. Private Extended Key Usage Extension Uses
|Certificate trust list signing||220.127.116.11.4.1.318.104.22.168|
|Microsoft Server Gated Crypto (SGC)||22.214.171.124.4.1.3126.96.36.199|
|Microsoft Encrypted File System||188.8.131.52.4.1.3184.108.40.206|
B.3.7. issuerAltName Extension
PKIX Part 1 recommends that this extension be marked noncritical.
0) for TLS client certificates, S/MIME signing certificates, and object-signing certificates.
1) for some S/MIME signing certificates and object-signing certificates.
WarningUse of this bit is controversial. Carefully consider the legal consequences of its use before setting it for any certificate.
2) for TLS server certificates and S/MIME encryption certificates.
3) when the subject's public key is used to encrypt user data instead of key material.
4) when the subject's public key is used for key agreement.
5) for all CA signing certificates.
6) for CA signing certificates that are used to sign CRLs.
7) if the public key is used only for enciphering data. If this bit is set,
keyAgreementshould also be set.
8) if the public key is used only for deciphering data. If this bit is set,
keyAgreementshould also be set.
keyUsageextension is present and marked critical, then it is used to enforce the usage of the certificate and key. The extension is used to limit the usage of a key; if the extension is not present or not critical, all types of usage are allowed.
keyUsageextension is present, critical or not, it is used to select from multiple certificates for a given operation. For example, it is used to distinguish separate signing and encryption certificates for users who have separate certificates and key pairs for operations.
This extension may be critical or noncritical. PKIX Part 1 recommends that it should be marked critical if it is used.
Table B.38. Certificate Uses and Corresponding Key Usage Bits
|Purpose of Certificate||Required Key Usage Bit|
|CA Signing|| |
PKIX Part 1 requires that this extension be marked critical.
OCSPNocheckshould be issued with short lifetimes and be renewed frequently.
This extension should be noncritical.
This extension may be critical or noncritical.
This extension must be noncritical.
EmailAddressattribute defined by PKCS #9. Software that supports S/MIME must be able to read an email address from either the Subject Alternative Name extension or from the subject name field.
If the certificate's subject field is empty, this extension must be marked critical.
PKIX Part 1 requires that this extension be marked noncritical.
subjectPublicKey, as recommended by PKIX. The Subject Key Identifier extension is used in conjunction with the Authority Key Identifier extension for CA certificates. If the CA certificate has a Subject Key Identifier extension, the key identifier in the Authority Key Identifier extension of the certificate being verified should match the key identifier of the CA's Subject Key Identifier extension. It is not necessary for the verifier to recompute the key identifier in this case.
This extension is always noncritical.