Files/Abbreviations

A quick list of common PIV and GPG file types, as well as other abbreviations you'll come across in this guide.

The list below gives a general description of what the different file types mean. The number of file types can be confusing, but this is the simplest way of explaining them:

❊ PIV File Types

| File Type | Description |
|---|---|
| .pub | Used for public keys and OpenSSH public keys. |
| .key | Used to store a private key. |
| .pkcs12, .pfx, .p12 | Used to store both public and private key / certificate information. Password protected. |
| .pem | Used to store any type of key or cert. This includes a public key, private key, certificate, or even the certificate signing request (CSR). |
| .crt, .cer | Used to store X.509 certificates. |
| .csr, .req, .p10 | Used to store Certificate Signing Requests. |
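
Because a `.pem` file can hold a public key, private key, certificate or CSR, the extension alone does not say whether the file is safe to hand out. The following Python code is an added example, not part of the original guide: it reads the `-----BEGIN ...-----` labels and flags private key material and truncated blocks. The function names and the sample bundle are constructed for illustration.

```python
import re

# Matches one PEM block; the END label must repeat the BEGIN label (RFC 7468).
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n.*?-----END \1-----", re.DOTALL
)


def classify_label(label):
    """Map a PEM label to the content categories named in the file type list."""
    if label.endswith("PRIVATE KEY"):          # PRIVATE KEY, RSA/EC/ENCRYPTED/OPENSSH ...
        return "private key"
    if label.endswith("PUBLIC KEY"):           # PUBLIC KEY, RSA PUBLIC KEY
        return "public key"
    if label.endswith("CERTIFICATE REQUEST"):  # also NEW CERTIFICATE REQUEST
        return "csr"
    if label.endswith("CERTIFICATE"):          # CERTIFICATE, X509/TRUSTED CERTIFICATE
        return "certificate"
    return "other"


def inspect_pem(text):
    """Return (kinds, problems) for every PEM block found in text."""
    kinds = [classify_label(m.group(1)) for m in PEM_BLOCK.finditer(text)]
    problems = []
    # A BEGIN line with no matching END usually means a truncated copy/paste.
    if text.count("-----BEGIN ") != len(kinds):
        problems.append("unterminated or mismatched block")
    if "private key" in kinds:
        problems.append("contains private key material")
    return kinds, problems


# Constructed sample: a "certificate bundle" that also carries a private key.
# The base64 bodies are placeholders, not real key material.
SAMPLE_BUNDLE = """\
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQ=
-----END CERTIFICATE-----
-----BEGIN ENCRYPTED PRIVATE KEY-----
Q09OU1RSVUNURUQ=
-----END ENCRYPTED PRIVATE KEY-----
"""

if __name__ == "__main__":
    print(inspect_pem(SAMPLE_BUNDLE))
```

The check looks only at the labels; it does not validate the base64 body or decrypt anything.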

❊ PIV Distinguished Name Properties

The following list translates the shorthand distinguished name properties used in OpenSSL config templates, such as the example below:

[ yubikey_dn ]
0.C                 = NA
1.ST                = NA
2.L                 = NA
3.O                 = Organization
4.OU                = Organization Unit
5.CN                = Your Common Name
6.emailAddress      = email@address.com
7.GN                = Your Given Name
8.title             = Cert Title
9.description       = Description about Cert
10.initials         = ABC
11.serialNumber     = 1234

| ID | Abbreviation | Name | Description |
|---|---|---|---|
| 0 | C | Country Name | The subject's country or region. This is an X.500 two-character country/region code (for example US for United States or CA for Canada). |
| 1 | ST | State Or Province Name | Full name of the subject's state or province (for example, California). |
| 2 | L | Locality | Name of the subject's city. |
| 3 | O | Organization Name | Legal name of the subject's organization. |
| 4 | OU | Organizational Unit | Name of the subject's sub-organization or department. |
| 5 | CN | Common Name | For user certificates, the person's full name. |
| 6 | emailAddress | Email Address | Email address (for example, "someone@example.com"). |
| 7 | GN | Given Name | First name of the subject. |
| 8 | title | Title | Title of individual who requested the certificate (optional). |
| 9 | description | Description | Description of certificate. |
| 10 | initials | Initials | Initials of the subject (optional). |
| 11 | serialNumber | Serial Number | Specify a serial number for your certificate, or remove this property. |

❊ GPG File Types

The following file types are associated with GPG keys.

| File Type | Description |
|---|---|
| .gpg | GPG key, binary |
| .asc | GPG key, armored |
| .pub | OpenSSH public key |
| .sig | GPG signed document, binary format |

❊ GPG Certificate Types

This list contains abbreviations you'll come across when you execute gpg --list-secret-keys, such as in the example:

sec   rsa4096 2023-09-01 [SC]
      1523267825AB67256A25BBAD2567ABCDE2A46BAB
uid           [ultimate] YourName <youremail@outlook.com>
ssb   rsa4096 2023-01-01 [E]
sub   rsa4096 2023-01-01 [A]

| Abbreviation | Description |
|---|---|
| sec | Secret Key |
| ssb | Secret Subkey |
| pub | Public Key |
| sub | Public Subkey |
| uid | User identification |

❊ GPG Key Capabilities

This list contains abbreviations you'll come across when you execute gpg --list-secret-keys, such as in the example:

pub   rsa4096 2023-01-01 [SC]
      12637B4335CB54B37C45AABC4F35ABCDE2A46BAB
uid           [ultimate] YourName <youremail@outlook.com>
sub   rsa4096 2023-01-01 [E]
sub   rsa4096 2023-01-01 [A]

| Abbreviation | Description |
|---|---|
| A | Authenticate |
| S | Sign |
| C | Certify |
| E | Encryption |
