On Mon, Mar 02, 2009 at 05:35:20PM +0100, Marcus Brinkmann wrote: > Travis wrote: > > Further, trying to dig into ASN.1 was extremely difficult. The specs > > are full of obtuse language, using terms like "object" without > > defining them first. Are there any tools that will dump certificates > > in human-readable formats? I would really like something that could > > take a PEM file of a cert and display it in XML or something of the > > sort. > > Ubuntu comes with dumpasn1. There are also quite a few libraries.
openssl will print certs in a more human readable but slightly less complete format than dumpasn1: % openssl x509 -text < cert dumpasn1 does not read PEM, so you need to do % openssl enc -d -c < cert > cert.der; dumpasn1 cert.der It's a little old but RFC3280 is the most concise and easiest to understand description of X.509 et. al. that I have found. Eric --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com