Certificates - Extensions (X509v3 extensions)
Table of Contents
About
extensions are key values that are part of a certificate.
They are also known as the X509v3 extensions because they are defined in the x509 certificate format.
Most Known
The most known and extension are:
- the Basic Constraint 1) determines if the certificate is a ca certificate or not and the maximum chain depth validation
- the keyUsage that determines the principal usage
- the extended keyUsage that determines the purpose of the usage
- the Subject Alternative Name that determines the DNS name if the certificat is used for a server
To know more about the extensions, you can read the section 4.2 of the specification or the openssl documentation