I have been reading HOWTOs all over the internet trying to figure out how to generate a self-signed and/or CA (mine) signed certificate.
What I can't understand is, WHY do I need an RSA "key" or certificate. I think it's a key. WHY do I need a PEM certificate, and why a DER certificate? No where on any website does it say WHEN to use one type of certificate or just a key? Apache httpd.conf files will reference both .key and .crt files in their syntax; isn't the .crt a PEM-encoded certificate file? If so, why not give it a more meaningful .pem extension instead. Can anyone clarify for me? I am trying not to chase my tail and want to learn this stuff on a deeper level. When do I know if I need to perform the openssl req and then openssl x509 commands and NOT the openssl rsa command. This is all very confusing and I see no simplified (non-doctoral) documentation on this material. Anyone have a book to suggest? Thanks to anyone that can respond. -- *Warron French, SCSA* **
signature.asc
Description: OpenPGP digital signature
