tuansoibk

1. Introduction
2. Standards
3. Common combinations
4. Conversion
5. Verification/Inspection
6. Tips for recognising

Introduction

It happens that there are many standards for storing cryptography materials (key, certificate, ...) and it isn't always obvious to know which standard is used by just looking at file name extension or file content. There are bunch of questions on stackoverflow asking about how to convert from PEM to PKCS#8 or PKCS#12, while many tried to answer the questions, those answers may not help because the correct answer depends on the content inside the PEM file. That is, a PEM file can contain many different things, such as an X509 certificate, a PKCS#1 or PKCS#8 private key. The worst-case scenario is that someone just store a non-PEM content in "something.pem" file.

soulmachine

First of all, please note that token expiration and revoking are two different things.

1. Expiration only happens for web apps, not for native mobile apps, because native apps never expire.
2. Revoking only happens when (1) uses click the logout button on the website or native Apps;(2) users reset their passwords; (3) users revoke their tokens explicitly in the administration panel.

1. How to hadle JWT expiration

A JWT token that never expires is dangerous if the token is stolen then someone can always access the user's data.

Quoted from JWT RFC:

jimrok

package test_mqtt;

import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.FileReader;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;