A Brief Look At PKI Certificate File Extensions

As one of the key components of the SSL (Secure Sockets Layer) technology that is used to secure websites all over the world, Public Key Infrastructure or PKI is a very big part of both online trust for websites and personal authentication for emails.

Today, more than ever, it is essential for businesses completing the transfer of materials online through email attachments or messages to ensure the full security and safety of this transmission. To accomplish this, companies of all sizes, as well as those with private or personal email accounts, are turning to the use of PKI certificates.

Basic Concepts for PKI

The use of Public Key Infrastructure is not the use of a specific technology but rather the mechanisms and the policies that create a universally recognized framework to provide security through five different fundamental attributes.

These five different elements, features of Public Key Infrastructure are:

  • Authentication - the receiver is able to verify the email was sent from the trusted email account through the use of the digital certificate where the user is trusted by a Certificate Authority that is also trusted.
  • Confidentiality - through the use of complex mathematical algorithms the data is encrypted and decrypted to ensure it is not open to access when passing through servers.
  • Integrity - with the use of the digital signature the data goes through a process known as hashing. This ensures that the data has not been altered when decrypted by the receiver's email.
  • Non-repudiation - digital signatures also verifies the information was sent by the specific sender with the password and login to the private key and using a specific device.
  • Access controls - the use of the keys limit access to information except for those with the authority or access to the private or public key in the pair.

This is all done through a method or a framework that is known as X.509 PKI. Think of this a security framework to create the universally recognized methods of encrypting and decrypting data. This can be used for both web server authentication as well as for protecting email through the use of PKI.

The basis of PKI is what allows S/MIME or Secure Multipurpose Mail Extensions to operate. It is also at the heart of the specifications for TLS or Transport Layer Security, the new version of the older SSL.

As there are many different types of MIME types, there are just as many different PKI certificate file extensions. These MIME types then also correspond to different file types. These files types are provided to the application generating the request for the PKI certificate.

The various PKI certificate file extensions will also correspond to the specific use. For example, some of the PKI certificate file extensions are specifically for use with Apache servers (.p8,.p10, .csr) while some are specifically used by the original SSL products from Netscape. These include the .cert extensions.

Typically, the PKI certificate file extensions that will be found with S/MIME include the .pem extension. With Microsoft systems, you may also see the .p12 PKI certificate file extensions or the .p7b, .scp or the .p7r extensions. Windows servers will also use the .pfx files.

When working with a Trust Provider like Comodo, we provide a full range of technical support and services if you require any assistance or need to convert specific file extensions and formats into different options for use on different servers.

Information is also readily available through our knowledgebase. This allows you to search and review step-by-steps guides and tutorials to ensure you have the information you required. Additionally, if you are using the EPKI or Enterprise Public Key Infrastructure Manager the system is very intuitive and does most of the work for you, allowing you to generate PKI certificates as needed and have them installed and active on devices in just a matter of minutes.

In general, for a private home user or a business providing PKI certificates for hundreds of employees and clients, there is really no need to worry about PKI certificate file extensions. Simply use the application form on the website for a personal free copy of the PKI certificate or use the EPKI Manager for a business for very easy signup and certificate generation.

To find out more about the benefits of PKI certificates or the advantage of our EPKI Manager for businesses, visit us online at https://www.instantssl.com. If you prefer to talk in person we welcome the chance to talk to you about your needs, just give us a call at +1 888 266 6361 to the conversation started.

Related Articles
Back to TOP