Saminnet-Search Article Wiki Forum Blog SNS Cloud
converting cert format

  • Data-Articles
    • Slower CKD stage (3) Wed12,16:41pm

      Having your kidneys work 窶 even a little 窶 can help you feel better and live longer. If you can slow your CKD, you can delay the need for treatment of kidney failure. The types of changes you might make to help your heart or the rest of your body will help your kidneys, too. Here are some things you can do 窶 or avoid 窶 to protect your kidneys: r Blood Sugar In The Target Range.…


converting cert format

Different Platforms & Devices requires SSL certificates in different formats
eg:- A Windows Server uses .pfx files
An Apache Server uses .crt, .cer files

NOTE: Only way to tell the difference between PEM .cer and DER .cer is to open the file in a Text editor and look for the BEGIN/END statements or open the file properties and look at the extension.

PEM Format
It is the most common format that Certificate Authorities issue certificates in. It contains the 窶倪披釘EGIN CERTIFICATE窶披凪 and 窶懌披摘ND CERTIFICATE窶披凪 statements.

Several PEM certificates and even the Private key can be included in one file, one below the other. But most platforms(eg:- Apache) expects the certificates and Private key to be in separate files.
> They are Base64 encoded ACII files
> They have extensions such as .pem, .crt, .cer, .key
> Apache and similar servers uses PEM format certificates

DER Format
It is a Binary form of ASCII PEM format certificate. All types of Certificates & Private Keys can be encoded in DER format
> They are Binary format files
> They have extensions .cer & .der
> DER is typically used in Java platform

They contain 窶懌披釘EGIN PKCS窶披凪 & 窶懌披摘ND PKCS7窶披凪 statements. It can contain only Certificates & Chain certificates but not the Private key.
> They are Base64 encoded ASCII files
> They have extensions .p7b, .p7c
> Several platforms supports it. eg:- Windows OS, Java Tomcat

They are used for storing the Server certificate, any Intermediate certificates & Private key in one encryptable file.
> They are Binary format files
> They have extensions .pfx, .p12
> Typically used on Windows OS to import and export certificates and Private keys

Converting Certificates between different Formats

.txt files

If you haveツ.txtツversions of yourツcertificate,ツintermediate certificate,ツroot certificate, andツprivate keyツthey can easily by converted to aツ.crt, .cer, .pem, and .keyツby opening them in a text editor such as notepad then saving them with the extension you want. (Be sure to change theSave as type:from "Text Documents (*.txt)" to "All files" or the file will be save as the new extension plus .txt for example "cert.crt.txt" instead of "cert.crt")

For more information on how to create a pem file click here.
To use our certificate conversion tool click here.


Convert PEM to DER
$ openssl x509 -outform der -inツcertificate.pemツ-outツcertificate.der

Convert PEM to P7B
$ openssl crl2pkcs7 -nocrl -certfileツcertificate.cerツ-outツcertificate.p7bツ-certfileCAcert.cer

Convert PEM to PFX
$ openssl pkcs12 -export -outツcertificate.pfxツ-inkeyツprivateKey.keyツ-inツcertificate.crt-certfileツCAcert.crt

Convert DER to PEM
$ openssl x509 -inform der -inツcertificate.cerツ-outツcertificate.pem

Convert P7B to PEM
$ openssl pkcs7 -print_certs -inツcertificate.p7bツ-outツcertificate.cer

Convert P7B to PFX
$ openssl pkcs7 -print_certs -inツcertificate.p7bツ-outツcertificate.cer
$ openssl pkcs12 -export -inツcertificate.cerツ-inkeyツprivateKey.keyツ-outcertificate.pfxツ-certfileツCAcert.cer

Convert PFX to PEM
$ openssl pkcs12 -inツcertificate.pfxツ-outツcertificate.cerツ-nodes

NOTE:ツWhile converting PFX to PEM format, openssl will put all the Certificates and Private Key into a single file. You will need to open the file in Text editor and copy each Certificate & Private key(including the BEGIN/END statements) to its own individual text file and save them asツcertificate.cer,ツCAcert.cer,ツprivateKey.keyrespectively.

Add comment

Articles by Date

TweetTweet Share on LinkedInShare on LinkedIn Share on Google+Google+ Submit to RedditReddit Publish on WordPress WordPress Send emailSend email