CertificationRequestInfo - Infinite Lexicon - Infinite Lexicon

CertificationRequestInfo

CertificationRequestInfo is a data structure used in PKCS #10 certificate signing requests (CSRs) to convey the essential information that a certificate authority (CA) will consider when issuing an X.509 certificate. It forms the core data that is signed to prove possession of the corresponding private key and to request a certificate for a given subject.

The CertificationRequestInfo is part of the CertificationRequest in a CSR. In ASN.1, CertificationRequestInfo is defined as

- version: an integer, usually 0

- subject: the distinguished name (DN) of the entity requesting the certificate

- subjectPublicKeyInfo: the public key algorithm identifier plus the public key data

- attributes: an optional set of attributes (tagged as [0]), which can include extension requests or other

The CSR is created by signing CertificationRequestInfo with the private key corresponding to the public key

In practice, CSRs are used to request X.509 certificates for servers, users, or devices. The CA validates

Related concepts include PKCS #10, X.509, DER/ASN.1 encoding, and the attributes field which can carry extensions

a

subjectPublicKeyInfo.

CertificationRequest,

CertificationRequestInfo,

a