[Q] How to get the CA's certificate from a given DN?
[Q] How to get the CA's certificate from a given public key?
online certificate chain check,
- certificate chain = certificate path
- DN= Distinguished Name
- CN= Common Name
//=== Digital certificate (or Certificate for short)Digital certificates are used to authenticate an entity( a person, an organization, a company, ...)
by "a chain of trust" .
The chain is formed topdown?, with a root authority(RA) at the top.
To view any certificate's chain,
- trigger MMC snap-in by double-clicking a certificate,
- then click the Certificate Path tab.
The root authority certificate at the top of a certificate chain is self-issued.
//=== Distinguished Name (DN) uniquely identifies an entity in an X.509 certificate.
Attribute types in DN:
- CN: Common Name
- T : Title
- O : Organization name
- OU : Organizational Unit name
- L : Locality name
- ST (or SP or S) : State or Province name
- C : Country
//=== Digital certificate (Certificate for short)
A digital certificate contain at least the following information
- The owner's public key
- The owner's Distinguished Name (Owner's DN)
- The Distinguished Name of the CA that is issuing the certificate (issuer's DN)
- The date from which the certificate is valid (Valid From)
- The expiry date of the certificate (Valid To)
- A version number
- A serial number (SN)