• The contents of a certificate varies depending on its prescribed use.
• Most certificates contain the below parameters.
  1. X.509 version number
  2. Certificate serial number
  3. Cryptographic algorithm used for the signature
  4. CA’s digital signature
  5. Issuing CA
  6. Validity dates
  7. Server name
  8. Server public key
  9. Key usage
  10. Certificate policies
  11. Revocation Information

VERSION

The most widely accepted format for certificates is defined by the ITU-T X.509 standard. Current standard has been set at version-3 since 1995.

SERIAL NUMBER

Unique identifier for each certificate issued by CA.

SIGNATURE ALGORITHM

Concatenation of two values. Algorithm used to create the hash digest of the certificate ( SHA256) and public key encryption algorithm used to encrypt the hash using private key of CA ( RSA ).

SIGNATURE HASH ALGORITHM

Re-statement of the algorithm used to create the hash digest.

ISSUER

Provides a distinguished name for the CA that issued the certificate.

VALID FROM

Date and time that certificate first became valid.

VALID TO

Date and time that certificate expires. Most certificates are issued for either two or three years.

SUBJECT

Provides the name of the computer , user , network device, or service that the CA issues the certificate to.