David Chaves-Fraga (Ontology Engineering Group - Universidad Politécnica de Madrid) Hu Peng (Huawei Research Ireland) Jhon Toledo (Ontology Engineering Group - Universidad Politécnica de Madrid) José Mora (Huawei Research Ireland) Julián Arenas-Guerrero (Ontology Engineering Group - Universidad Politécnica de Madrid) Mingxue Wang (Huawei Research Ireland) Nicholas Burrett (Huawei Research Ireland) Oscar Corcho (Ontology Engineering Group - Universidad Politécnica de Madrid) Puchao Zhang (Huawei Research Ireland) Raúl Alcázar (Ontology Engineering Group - Universidad Politécnica de Madrid) http://w3id.org/devops-infra/certificate Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.) http://w3id.org/devops-infra/certificate.owl 2021-02-15 https://creativecommons.org/licenses/by/4.0 devopscert http://w3id.org/devops-infra/certificate# This ontology has been created in the context of a collaboration between the Ontology Engineering Group and Huawei Research Ireland First official release A Digital Certificate Bundle contains several Digital Certificates contains certificate A digital certificate can be deployed somewhere, and this is registered as a Digital Certificate Deployment has certificate deployment A Digital Certificate is obtained after a Certificate Signing Request has certificate signing request Different types of entities (domains, servers, etc.) make use of one or several digital certificates uses digital certificate The person in charge of the certificate application certificate application person The person in charge of the certificate deployment certificate deployment person The region for the certificate deployment certificate deployment region The purchase number of the certificate certificate purchase number The type of certificate certificate type The content of the certificate certificate content Also referred to as common name (CN). It is the fully qualified domain name for the certificate, the deployment of the certificate, or the certificate signing request. For example, *.example.org domain The expiry date of the certificate expiry date The issuer of the certificate, also known as issuer common name issuer The organisation that issues the certificate issuer organisation The organisational unit that issues the certificate issuer organisation unit The private key of the certificate or the certificate signing request private key The public key of the certificate signing request public key The real serial number of the certificate real serial number The region for the certificate, the deployment of the certificate, etc. region The serial number of the certificate serial number The service for which the Digital Certificate is deployed service The site for which the Digital Certificate is deployed site The start date of the certificate start date The user of the certificate or certificate signing request, also known as user common name user Also known as Organization Name (O). It is usually the legal name of a company or entity that is using the certificate, or has made the certificate signing request, and should commonly include any suffixes such as Ltd., Inc., or Corp. For example, Example Organisation, Ltd user organisation Also referred to as country (C). The two-letter ISO code for the country of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, ES user organisation country Also referred to as email address (EMAIL). The email contact (usually the certificate administrator or IT department) for the country of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, info@example.org user organisation email Also referred to as locality (L). The name of the locality (town, city, village, etc.) of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, Boadilla del Monte user organisation locality Also referred to as state (S). The name of the locality (province, region, county or state) of the organisation that uses the Digital Certificate or has made the Certificate Signing Requestte or Certificate Signing Request. For instance, Comunidad de Madrid user organisation state Also known as Organizational Unit (OU). It is the organisational unit of the user of the certificate or certificate signing request. It is an internal department/division name. For example, IT Support user organisation unit It determines whether the certificate is valid valid The vendor for the certificate vendor CFCA is a national Authority safety Certification organization which is established by the people's bank of China. CFCA certificates are issued by this organisation CFCA (China Financial Certification Authority) Certificate A Certificate Signing Request (also known as CSR or certification request) is a message sent from an applicant to a registration authority of the public key infrastructure in order to apply for a digital identity certificate. It usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and integrity protection (e.g., a digital signature). The most common format for CSRs is the PKCS #10 specification; another is the Signed Public Key and Challenge SPKAC format generated by some web browsers. Certificate Signing Request Digital Certificates are electronic credentials that bind the identity of the certificate owner to a pair of electronic encryption keys, (one public and one private), that can be used to encrypt and sign information digitally. Digital Certificate A digital certificate bundle is a file that contains root and intermediate certificates. Digital Certificate Bundle A Digital Certificate Deployment is the result of deploying a digital certificate in a specific domain and for a specific service on a site. Digital Certificate Deployment An SSL certificate is a data file hosted in a website's origin server. SSL certificates make SSL/TLS encryption possible, and they contain the website's public key and the website's identity, along with related information. Devices attempting to communicate with the origin server will reference this file to obtain the public key and verify the server's identity. The private key is kept secret and secure. SSL Certificate