x509 extensions in other CAs

This page documents the x509 extensions (e.g. for CRLs, etc.) set by other CAs. The information here is used by django-ca to initialize and sign certificate authorities and certificates.

Helpful descriptions of the meaning of various extensions can also be found in x509v3_config(5SSL) (online).

CommonName

Of course not an extension, but included here for completeness.

CA Value
Let’s Encrypt X1 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X1
Let’s Encrypt X3 C=US, O=Let’s Encrypt, CN=Let’s Encrypt Authority X3
StartSSL C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
StartSSL Class 2 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Class 2 Primary Intermediate Server CA
StartSSL Class 3 C=IL, O=StartCom Ltd., OU=StartCom Certification Authority, CN=StartCom Class 3 OV Server CA
GeoTrust Global C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
RapidSSL G3 C=US, O=GeoTrust Inc., CN=RapidSSL SHA256 CA - G3
Comodo C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
Comodo DV C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Domain Validation Secure Server CA
GlobalSign C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
GlobalSign DV C=BE, O=GlobalSign nv-sa, CN=GlobalSign Domain Validation CA - SHA256 - G2

authorityInfoAccess

The “CA Issuers” is a URI pointing to the signing certificate. The certificate is in DER/ASN1 format and has a Content-Type: application/x-x509-ca-cert header (except where noted).

In CA certificates

Let’s Encrypt is notable here because its CA Issuers field points to a pkcs7 file and the HTTP response returns a Content-Type: application/x-pkcs7-mime header.

The certificate pointed to by the CA Issuers field is the root certificate (so the Comodo DV CA points to the AddTrust CA that signed the Comodo Root CA).

CA Value
Let’s Encrypt X1
  • OCSP - URI:http://isrg.trustid.ocsp.identrust.com
  • CA Issuers - URI:http://apps.identrust.com/roots/dstrootcax3.p7c
Let’s Encrypt X3
  • OCSP - URI:http://isrg.trustid.ocsp.identrust.com
  • CA Issuers - URI:http://apps.identrust.com/roots/dstrootcax3.p7c
StartSSL (not present)
StartSSL Class 2
  • OCSP - URI:http://ocsp.startssl.com/ca
  • CA Issuers - URI:http://aia.startssl.com/certs/ca.crt
StartSSL Class 3
  • OCSP - URI:http://ocsp.startssl.com
  • CA Issuers - URI:http://aia.startssl.com/certs/ca.crt
GeoTrust Global (not present)
RapidSSL G3 OCSP - URI:http://g.symcd.com
Comodo OCSP - URI:http://ocsp.usertrust.com
Comodo DV
  • CA Issuers - URI:http://crt.comodoca.com/COMODORSAAddTrustCA.crt
  • OCSP - URI:http://ocsp.comodoca.com
GlobalSign (not present)
GlobalSign DV OCSP - URI:http://ocsp.globalsign.com/rootr1

In signed certificates

Let’s Encrypt is again special in that the response has a Content-Type: application/pkix-cert header (but at least it’s in DER format like every other certificate). RapidSSL uses Content-Type: text/plain.

The CA Issuers field sometimes points to the signing certificate (e.g. StartSSL) or to the root CA (e.g. Comodo DV, which points to the AddTrust Root CA)

CA Value
Let’s Encrypt X1
  • OCSP - URI:http://ocsp.int-x1.letsencrypt.org/
  • CA Issuers - URI:http://cert.int-x1.letsencrypt.org
Let’s Encrypt X3
  • OCSP - URI:http://ocsp.int-x3.letsencrypt.org/
  • CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
StartSSL Class 2
  • OCSP - URI:http://ocsp.startssl.com/sub/class2/server/ca
  • CA Issuers - URI:http://aia.startssl.com/certs/sub.class2.server.ca.crt
StartSSL Class 3
  • OCSP - URI:http://ocsp.startssl.com
  • CA Issuers - URI:http://aia.startssl.com/certs/sca.server3.crt
RapidSSL G3
  • OCSP - URI:http://gv.symcd.com
  • CA Issuers - URI:http://gv.symcb.com/gv.crt
Comodo DV
  • CA Issuers - URI:http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
  • OCSP - URI:http://ocsp.comodoca.com
GlobalSign DV
  • CA Issuers - URI:http://secure.globalsign.com/cacert/gsdomainvalsha2g2r1.crt
  • OCSP - URI:http://ocsp2.globalsign.com/gsdomainvalsha2g2

authorityKeyIdentifier

A hash identifying the CA used to sign the certificate. In theory the identifier may also be based on the issuer name and serial number, but in the wild, all certificates reference the subjectKeyIdentifier. Self-signed certificates (e.g. Root CAs, like StartSSL and Comodo below) will reference themself, while signed certificates reference the signed CA, e.g.:

Name subjectKeyIdentifier authorityKeyIdentifier
Root CA foo keyid:foo
Intermediate CA bar keyid:foo
Client Cert bla keyid:bar

In CA certificates

CA Value
Let’s Encrypt X1 keyid:C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
Let’s Encrypt X3 keyid:C4:A7:B1:A4:7B:2C:71:FA:DB:E1:4B:90:75:FF:C4:15:60:85:89:10
StartSSL keyid:4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
StartSSL Class 2 keyid:4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
StartSSL Class 3 keyid:4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
GeoTrust Global keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E
RapidSSL G3 keyid:C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E
Comodo keyid:AD:BD:98:7A:34:B4:26:F7:FA:C4:26:54:EF:03:BD:E0:24:CB:54:1A
Comodo DV keyid:BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4
GlobalSign (not present)
GlobalSign DV keyid:60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B

In signed certificates

CA Value
Let’s Encrypt X1 keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Let’s Encrypt X3 keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
StartSSL Class 2 keyid:11:DB:23:45:FD:54:CC:6A:71:6F:84:8A:03:D7:BE:F7:01:2F:26:86
StartSSL Class 3 keyid:B1:3F:1C:92:7B:92:B0:5A:25:B3:38:FB:9C:07:A4:26:50:32:E3:51
RapidSSL G3 keyid:C3:9C:F3:FC:D3:46:08:34:BB:CE:46:7F:A0:7C:5B:F3:E2:08:CB:59
Comodo DV keyid:90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
GlobalSign DV keyid:EA:4E:7C:D4:80:2D:E5:15:81:86:26:8C:82:6D:C0:98:A4:CF:97:0F

basicConstraints

The basicConstraints extension specifies if the certificate can be used as a certificate authority. It is always marked as critical. The pathlen attribute specifies the levels of possible intermediate CAs. If not present, the level of intermediate CAs is unlimited, a pathlen:0 means that the CA itself can not issue certificates with CA:TRUE itself.

In CA certificates

CA Value
Let’s Encrypt X1 (critical) CA:TRUE, pathlen:0
Let’s Encrypt X3 (critical) CA:TRUE, pathlen:0
StartSSL (critical) CA:TRUE
StartSSL Class 2 (critical) CA:TRUE, pathlen:0
StartSSL Class 3 (critical) CA:TRUE, pathlen:0
GeoTrust Global (critical) CA:TRUE
RapidSSL G3 (critical) CA:TRUE, pathlen:0
Comodo (critical) CA:TRUE
Comodo DV (critical) CA:TRUE, pathlen:0
GlobalSign (critical) CA:TRUE
GlobalSign DV (critical) CA:TRUE, pathlen:0

In signed certificates

CA Value
Let’s Encrypt X1 (critical) CA:FALSE
Let’s Encrypt X3 (critical) CA:FALSE
StartSSL Class 2 (critical) CA:FALSE
StartSSL Class 3 CA:FALSE
RapidSSL G3 (critical) CA:FALSE
Comodo DV (critical) CA:FALSE
GlobalSign DV CA:FALSE

crlDistributionPoints

In theory a complex multi-valued extension, this extension usually just holds a URI pointing to a Certificate Revokation List (CRL).

Root certificate authorities (StartSSL, GeoTrust Global, GlobalSign) do not set this field. This usually isn’t a problem since clients have a list of trusted root certificates anyway, and browsers and distributions should get regular updates on the list of trusted certificates.

All CRLs linked here are all in DER/ASN1 format, and the Content-Type header in the response is set to application/pkix-crl. Only Comodo uses application/x-pkcs7-crl, but it is also in DER/ASN1 format.

In CA certificates

CA Value Content-Type
Let’s Encrypt X1 URI:http://crl.identrust.com/DSTROOTCAX3CRL.crl application/pkix-crl
Let’s Encrypt X3 URI:http://crl.identrust.com/DSTROOTCAX3CRL.crl application/pkix-crl
StartSSL (not present)  
StartSSL Class 2 URI:http://crl.startssl.com/sfsca.crl application/pkix-crl
StartSSL Class 3 URI:http://crl.startssl.com/sfsca.crl application/pkix-crl
GeoTrust Global (not present)  
RapidSSL G3 URI:http://g.symcb.com/crls/gtglobal.crl application/pkix-crl
Comodo URI:http://crl.usertrust.com/AddTrustExternalCARoot.crl application/x-pkcs7-crl
Comodo DV URI:http://crl.comodoca.com/COMODORSACertificationAuthority.crl application/x-pkcs7-crl
GlobalSign (not present)  
GlobalSign DV URI:http://crl.globalsign.net/root.crl application/pkix-crl

In signed certificates

Let’s Encrypt is so far the only CA that does not maintain a CRL for signed certificates. Major CAs usually don’t fancy CRLs much because they are a large file (e.g. Comodos CRL is 1.5MB) containing all certificates and cause major traffic for CAs. OCSP is just better in every way.

CA Value Content-Type
Let’s Encrypt (not present)  
StartSSL Class 2 URI:http://crl.startssl.com/crt2-crl.crl application/pkix-crl
StartSSL Class 3 URI:http://crl.startssl.com/sca-server3.crl application/pkix-crl
RapidSSL G3 URI:http://gv.symcb.com/gv.crl application/pkix-crl
Comodo DV URI:http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl application/x-pkcs7-crl
GlobalSign DV URI:http://crl.globalsign.com/gs/gsdomainvalsha2g2.crl application/pkix-crl

extendedKeyUsage

A list of purposes for which the certificate can be used for. CA certificates usually do not set this field.

In CA certificates

CA Value
Let’s Encrypt X1 (not present)
Let’s Encrypt X3 (not present)
StartSSL (not present)
StartSSL Class 2 (not present)
StartSSL Class 3 TLS Web Client Authentication, TLS Web Server Authentication
GeoTrust Global (not present)
RapidSSL G3 (not present)
Comodo (not present)
Comodo DV TLS Web Server Authentication, TLS Web Client Authentication
GlobalSign (not present)
GlobalSign DV (not present)

In signed certificates

CA Value
Let’s Encrypt X1 TLS Web Server Authentication, TLS Web Client Authentication
Let’s Encrypt X3 TLS Web Server Authentication, TLS Web Client Authentication
StartSSL Class 2 TLS Web Client Authentication, TLS Web Server Authentication
StartSSL Class 3 TLS Web Client Authentication, TLS Web Server Authentication
RapidSSL G3 TLS Web Server Authentication, TLS Web Client Authentication
Comodo DV TLS Web Server Authentication, TLS Web Client Authentication
GlobalSign DV TLS Web Server Authentication, TLS Web Client Authentication

issuerAltName

Only StartSSL sets this field in its signed certificates. It’s a URI pointing to their homepage.

In CA certificates

CA Value
Let’s Encrypt (not present)
StartSSL (not present)
StartSSL Class 2 (not present)
StartSSL Class 3 (not present)
GeoTrust Global (not present)
RapidSSL G3 (not present)
Comodo (not present)
Comodo DV (not present)
GlobalSign (not present)
GlobalSign DV (not present)

In signed certificates

CA Value
Let’s Encrypt (not present)
StartSSL Class 2 URI:http://www.startssl.com/
StartSSL Class 3 URI:http://www.startssl.com/
RapidSSL G3 (not present)
Comodo DV (not present)
GlobalSign DV (not present)

keyUsage

List of permitted key usages. Usually marked as critical, except for certificates signed by StartSSL.

In CA certificates

CA Value
Let’s Encrypt X1 (critical) Digital Signature, Certificate Sign, CRL Sign
Let’s Encrypt X3 (critical) Digital Signature, Certificate Sign, CRL Sign
StartSSL (critical) Certificate Sign, CRL Sign
StartSSL Class 2 (critical) Certificate Sign, CRL Sign
StartSSL Class 3 (critical) Certificate Sign, CRL Sign
GeoTrust Global (critical) Certificate Sign, CRL Sign
RapidSSL G3 (critical) Certificate Sign, CRL Sign
Comodo (critical) Digital Signature, Certificate Sign, CRL Sign
Comodo DV (critical) Digital Signature, Certificate Sign, CRL Sign
GlobalSign (critical) Certificate Sign, CRL Sign
GlobalSign DV (critical) Certificate Sign, CRL Sign

In signed certificates

CA Value
Let’s Encrypt X1 (critical) Digital Signature, Key Encipherment
Let’s Encrypt X3 (critical) Digital Signature, Key Encipherment
StartSSL Class 2 Digital Signature, Key Encipherment, Key Agreement
StartSSL Class 3 Digital Signature, Key Encipherment
RapidSSL G3 (critical) Digital Signature, Key Encipherment
Comodo DV (critical) Digital Signature, Key Encipherment
GlobalSign DV (critical) Digital Signature, Key Encipherment

subjectAltName

The subjectAltName extension is not present in any CA certificate, and of course whatever the customer requests in signed certificates.

In CA certificates

CA Value
Let’s Encrypt
StartSSL
StartSSL Class 2
StartSSL Class 3
GeoTrust Global
RapidSSL G3
Comodo
Comodo DV
GlobalSign
GlobalSign DV

subjectKeyIdentifier

The subjectKeyIdentifier extension provides a means of identifying certificates. It is a mandatory extension for CA certificates. Currently only RapidSSL does not set this for signed certificates.

The value of the subjectKeyIdentifier extension reappears in the authorityKeyIdentifier extension (prefixed with keyid:).

In CA certificates

CA Value
Let’s Encrypt X1 A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
Let’s Encrypt X3 A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
StartSSL 4E:0B:EF:1A:A4:40:5B:A5:17:69:87:30:CA:34:68:43:D0:41:AE:F2
StartSSL Class 2 11:DB:23:45:FD:54:CC:6A:71:6F:84:8A:03:D7:BE:F7:01:2F:26:86
StartSSL Class 3 B1:3F:1C:92:7B:92:B0:5A:25:B3:38:FB:9C:07:A4:26:50:32:E3:51
GeoTrust Global C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E
RapidSSL G3 C3:9C:F3:FC:D3:46:08:34:BB:CE:46:7F:A0:7C:5B:F3:E2:08:CB:59
Comodo BB:AF:7E:02:3D:FA:A6:F1:3C:84:8E:AD:EE:38:98:EC:D9:32:32:D4
Comodo DV 90:AF:6A:3A:94:5A:0B:D8:90:EA:12:56:73:DF:43:B4:3A:28:DA:E7
GlobalSign 60:7B:66:1A:45:0D:97:CA:89:50:2F:7D:04:CD:34:A8:FF:FC:FD:4B
GlobalSign DV EA:4E:7C:D4:80:2D:E5:15:81:86:26:8C:82:6D:C0:98:A4:CF:97:0F

In signed certificates

CA Value
Let’s Encrypt X1 F4:F3:B8:F5:43:90:2E:A2:7F:DD:51:4A:5F:3E:AC:FB:F1:33:EE:95
Let’s Encrypt X3 71:57:F2:DC:D2:02:5C:00:5E:74:28:57:4C:7E:61:43:44:44:AF:84
StartSSL Class 2 C7:AA:D9:A4:F0:BC:D1:C1:1B:05:D2:19:71:0A:86:F8:58:0F:F0:99
StartSSL Class 3 F0:72:65:5E:21:AA:16:76:2C:6F:D0:63:53:0C:68:D5:89:50:2A:73
RapidSSL G3 (not present)
Comodo DV F2:CB:1F:E9:6E:D5:43:E3:85:75:98:5F:97:7C:B0:59:7F:D5:C0:C0
GlobalSign DV 52:5A:45:5B:D4:9D:AC:65:30:BD:67:80:6C:D1:A1:3E:09:F7:FD:92

Other extensions

Extensions used by certificates encountered in the wild that django-ca does not (yet) support in any way.

In CA certificates

CA Value
Let’s Encrypt X1 X509v3 Certificate Policies, X509v3 Name Constraints
Let’s Encrypt X3 X509v3 Certificate Policies
StartSSL X509v3 Certificate Policies, Netscape Cert Type, Netscape Comment
StartSSL Class 2 X509v3 Certificate Policies
StartSSL Class 3 X509v3 Certificate Policies
GeoTrust Global (none)
RapidSSL G3 X509v3 Certificate Policies
Comodo X509v3 Certificate Policies
Comodo DV X509v3 Certificate Policies
GlobalSign (none)
GlobalSign DV X509v3 Certificate Policies

In signed certificates

CA Value
Let’s Encrypt X1 X509v3 Certificate Policies
Let’s Encrypt X3 X509v3 Certificate Policies
StartSSL Class 2 X509v3 Certificate Policies
StartSSL Class 3 X509v3 Certificate Policies
RapidSSL G3 X509v3 Certificate Policies
Comodo DV X509v3 Certificate Policies
GlobalSign DV X509v3 Certificate Policies