Skip to main content

2.1. Encoding

2.1. Encoding

The headers in this document encode certificates as Byte Sequences (Section 3.3.5 of [STRUCTURED-FIELDS]) where the value of the binary data is a DER-encoded [ITU.X690] X.509 certificate [RFC5280]. In effect, this means that the binary DER certificate is encoded using base64 (without line breaks, spaces, or other characters outside the base64 alphabet) and delimited with colons on either side.

Note that certificates are often stored in an encoded textual format, such as the one described in Section 5.1 of [RFC7468], which is already nearly compatible with a Byte Sequence. If certificates are encoded as such, it will be sufficient to replace ---(BEGIN|END) CERTIFICATE--- with : and remove line breaks in order to generate an appropriate item.

Last updated on