According to the answer to this server-fault question almost all certificate file formats can contain private key alongside public key, as such how can I identify whether a certificate contains private key?
This is important because I do not want to unknowingly send the private key to the remote client.
Following the structure of the link:
.csr. Only public keys in pem
or der
format
.pem. keys and/or certificates. Look for -----BEGIN PRIVATE KEY----
or -----BEGIN RSA PRIVATE KEY-----
or -----BEGIN ENCRYPTED PRIVATE KEY-----
.key keys in pem
format
.pkcs12 .pfx .p12 keys and/or certificates. List keys with openssl pkcs12 -info -nocerts -in keystore.p12
.jks keys and/or certificates. Java specific format.
.der pem
content without base64 encoding. Look for KEY
in openssl x509 -inform DER -in cert.der
.cert .cer .crt keys and/or certificates. Content can be pem
or der
.p7b. Only certificates
.crl. No keys