More about the acronyms and encoding. PEM (originally "Privacy Enhanced Mail") refers to a base64 encoded DER format with the "-----" markers at the start and end. It's common to have free form text outside the "-----BEGIN whatever-----" and "-----END whatever-----" markers. The base64 stuff is always between them.
DER is "Distinguished Encoding Rules" which refers to a nifty binary structure for holding X.509 data or related SSL stuff. ASN.1 stands for "Abstract Syntax Notation 1". It's a tag-length-data format used for data at rest (like a certificate) or data in flight (LDAP, VoIP, even Kerberos). DER is based on ASN.1. The command 'openssl asn1parse' will break apart a certificate so you can see its structure. It takes either PEM or DER input (but specify which). I hope this helps. -- ------------------------------------------------------------------------ Rick Troth Senior Software Developer Velocity Software Inc. Mountain View, CA 94041 Main: (877) 964-8867 Direct: (614) 594-9768 ri...@velocitysoftware.com <mailto:ri...@velocitysoftware.com> ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/