Menu
How can I create a PEM file from an SSL certificate?
These are the files that I have available:
.crtserver.csr server.key
323
A . pem file is a container format that may just include the public certificate or the entire certificate chain (private key, public key, root certificates): Private Key. Server Certificate (crt, puplic key)
pem adds a file with chained intermediate and root certificates (such as a . ca-bundle file downloaded from SSL.com), and -inkey PRIVATEKEY. key adds the private key for CERTIFICATE. crt (the end-entity certificate).
Your keys may already be in PEM format, but just named with .crt or .key.
If the file's content begins with -----BEGIN and you can read it in a text editor:
The file uses base64, which is readable in ASCII, not binary format. The certificate is already in PEM format. Just change the extension to .pem.
If the file is in binary:
For the server.crt, you would use
openssl x509 -inform DER -outform PEM -in server.crt -out server.crt.pem For server.key, use openssl rsa in place of openssl x509.
The server.key is likely your private key, and the .crt file is the returned, signed, x509 certificate.
If this is for a Web server and you cannot specify loading a separate private and public key:
You may need to concatenate the two files. For this use:
cat server.crt server.key > server.includesprivatekey.pem I would recommend naming files with "includesprivatekey" to help you manage the permissions you keep with this file.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
