Project

General

Profile

Actions

Bug #8512

closed

don't put certificate metadata in PEM files

Added by Adam Price about 10 years ago. Updated over 5 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Security
Target version:
-
Difficulty:
Triaged:
Yes
Fixed in Releases:
Found in Releases:

Description

"The final conversion output shouldn’t contain anything apart from the encoded key and certificates. Although some tools are smart enough to ignore what isn’t needed, other tools are not. Leaving extra data in PEM files might result in problems that are difficult to troubleshoot." from OpenSSL Cookbook [1].

[1] https://www.feistyduck.com/books/openssl-cookbook/

Actions

Also available in: Atom PDF