Why does the SSL Certificate in PEM format look different in the Advanced Authentication Database?

Document ID : KB000069403
Last Modified Date : 19/09/2018
Show Technical Document Details
Introduction:

CA Advanced Authentication Admin UI console requires a .pem certificate type be provided for 1-way SSL communication. Certificates in PEM format are readable but the same certificate in AA database tables looks different and the format is not known.

Question: 

What operation does the CA Advanced Authentication do on .pem certificates that are stored in the CA Advanced Authentication database?

For example the ROOTCERT column of ARUDSLDAPREPOSITORYCONFIG table has the certificate in a binary format. What is the exact format used?

 

Instructions:
The root cert provided is stored in BASE64 encoded format. 

Here is an example; 

Say you have a PEM format certificate like such - excerpt from the .pem certificate.  Note this is readable.

============= Beginning of PEM excerpt =====================
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA1E23S7YOPipsW5Cfjjczsq65ceUEk0fio/HtncFP1Ryi4cv/
la8Z8jhB4Q9uwVgEzluhBUVODrqIgHRU3BTWFNkqgSz1pbuzGtnp6q6zXG1Ij/hC
mo2uiE17ttgREtkoiyuGWrmGoaQfHnHnlPj8uMpZ4jBqQwajCW6Pbj8dAt4v+xgp
tdiZqaVLe62HAv6w0eLGrkBsHeJ1r1B+5f0Fnd1JBy3IuIJcjZa6/34I6JIMNJ2B
..............................................
============ End of PEM Excerpt ============================


The BASE64 encoded certificate in Advanced Authentication table will look like the below excerpt (not readable as this is binary encoding). 

============= Beginning of BASE 64 excerpt =====================
LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQ0KTUlJRXBBSUJBQUtDQVFFQTFFMjNTN1lPUGlwc1c1Q2ZqamN6c3E2NWNlVUVrMGZpby9IdG5jRlAxUnlpNGN2Lw0KbGE4WjhqaEI0UTl1d1ZnRXpsdWhCVVZPRHJxSWdIUlUzQlRXRk5rcWdTejFwYnV6R3RucDZxNnpYRzFJai9oQw0KbW8ydWlFMTd0dGdSRXRrb2l5dUdXcm1Hb2FRZkhuSG5sUGo4dU1wWjRqQnF
..............
============ End of Base 64 Excerpt ============================