Skip to content

Instantly share code, notes, and snippets.

@alexanderjsx
Last active April 30, 2024 12:20
Show Gist options
  • Save alexanderjsx/695af2592098e03e811f9bc9a9f17bf6 to your computer and use it in GitHub Desktop.
Save alexanderjsx/695af2592098e03e811f9bc9a9f17bf6 to your computer and use it in GitHub Desktop.

Here are some common file extensions used in mutual TLS (mTLS) and when to use each:

  • .pem (Privacy Enhanced Mail): This is a container format that may include just the public certificate or the entire certificate chain (private key, public key, root certificates). It's used for storing and sending cryptographic keys, certificates, and other data, and it's base64 encoded.
  • .crt (Certificate): This is a public key certificate. It's usually in the X.509 standard and it's used to establish a TLS encrypted secure connection.
  • .key (Key): This is a private key file. It's used in the creation and verification of digital signatures and in the decryption of data.
  • .csr (Certificate Signing Request): This is a block of encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It's used to apply for your own certificates.
  • .cer/.crt (Certificate): These are SSL certificates that can be in binary form (ASN.1 DER) or encoded with Base-64 with header and footer included (PEM), and they're used to establish a TLS encrypted secure connection.
  • .pfx/.p12 (Personal Information Exchange): These files are used to store the server certificate, any intermediate certificates, and the private key in one encryptable file. They're commonly used on Windows machines to import and export certificates and private keys.

Remember, the usage of these files can vary depending on the specific requirements of the mTLS implementation. Always refer to the specific documentation of the system you're working with for the most accurate information.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment