So, what are the differences between .cer, .pvk and .pfx certificate files?
In Windows platform, these file types are used for certificate information. Normally used for SSL certificate and Public Key Infrastructure (X.509).
CER
CER file is used to store X.509 certificate. Normally used for SSL certification to verify and identify web servers security. The file contains information about certificate owner and public and private certificate keys. A CER file can be in binary (ASN.1 DER) or encoded with Base-64 with header and footer included (PEM), Windows will recognize either of these layout.
This file can be generated using Certificate Creation Tool (makecert.exe) as shown in the link below.
SPC
Beside CER, there’s also SPC file, which is Software Publisher Certificate. It’s a different representation of certificate in PKCS #7 format.
You can generate a SPC file from a CER file.
PVK
Stands for Private Key. Windows uses PVK files to store private keys for code signing in various Microsoft products. PVK is proprietary format.
You can create a CER file based on a PVK file.
PFX
Or Personal Exchange Format, is a PKCS12 file. This contains a variety of cryptographic information, such as certificates, root authority certificates, certificate chains and private keys. It’s cryptographically protected with passwords to keep private keys private and preserve the integrity of the root certificates. The PFX file is also used in various Microsoft products, such as IIS.
PFX file can be created from a CER, SPC, or PVK file.
Source and further reading:
X.509
Software Publisher Certificate
Make Cert Command
IBM Certificate File Types
You cannot extract pvk from cer. It has no sense, as it would be easy to sign my application with a private key from a Microsoft Certificate exported from the store.
You are right! Thanks for the input, correction has been made.
I don’t think .cer files can contain private keys These are the files that should be shared with the public. According to this MSDN link, the only format that supports bundling private keys along with public keys/certs is the Personal Information Exchange format, i.e. the .pfx file.
[…] 在 Certificate Files: .Cer x .Pvk x .Pfx 這篇中有一些解釋,簡述如下: […]
[…] 在 Certificate Files: .Cer x .Pvk x .Pfx 這篇中有一些解釋,簡述如下: […]
[…] for more information visit:Certificate Files: .Cer x .Pvk x .Pfx […]