Certificates - Extensions (X509v3 extensions)


extensions are key values that are part of a certificate.

They are also known as the X509v3 extensions because they are defined in the x509 certificate format.

Most Known

The most known and extension are:

To know more about the extensions, you can read the section 4.2 of the specification or the openssl documentation

How to see the extensions ?

  • With Openssl x509 2)
openssl x509 -in cert.pem -noout -text # the whole cert
openssl x509 -in cert.pem -noout -ext subjectAltName,nsCertType # only a subset

Powered by ComboStrap