Certificate Profiles and
Sample Certificates
As a step toward harmonizing certificate profiles, the Higher Education PKI (HEPKI) Technical Activities Group is collecting profiles and sample certs now being developed. They are presented using the following formats.
- PEM - an actual X.509 certificate, DER and Base64 encoded into a text file. This is the canonical form for a certificate.
- TXT - Plain text dump of the various fields of a certificate (generated by, for example, OpenSSL or iPlanet)
- XML - an XML-based certificate format used by IBM's XML Security Suite. It can be reliably transformed back into the canonical DER-encoded form, and also into HTML via XSL. Here is an example: sample-cert.xml.
- HTML - produced from the XML format by IBM's XML Security Suite using XSLT with this stylesheet: x509-to-HTML.xsl. Here is an example.
- XLS - based on this annotated generic certificate profile. Mine Sakurai and David Wasley produced the generic profile from an original version by Bob Moskowitz.
If your institution has a certificate profile that should be registered, please email it to HEPKI-TAG chair Jim Jokl (jaj@virginia.edu). Raw certificates not in profile format are also welcome.
Certificate Profiles
- Columbia University (DLF) (XLS)
- CREN institutional root CA (XLS)
- Georgetown University (XLS)
- MIT (XLS)
- University of California (XLS)
- University of Michigan (XLS)
- University of Virginia (XLS)
- University of Wisconsin (XLS)
