I`m trying to convert the .cer file to .pem through openssl, the command is:
openssl x509 -inform der -in certnew.cer -out ymcert.pem
and that's the errors I`m getting:
unable to load certificate 140735105180124:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 140735105180124:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509
What am I doing wrong?
cer, and . key. They are Base64 encoded ASCII files and contain "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" statements. Server certificates, intermediate certificates, and private keys can all be put into the PEM format.
Like explained by ssl.com, a .cer file can be either in der or pem encoding. If it is in der encoding, you'll need to do conversion like you have tried, but if it is already in pem encoding, no conversion is necessary and you get the error you've got if you try - and you can just rename the file.
If you're unsure, it is good to know that .der is a binary format, whereas .pem is ascii one. If you echo the contents of your certificate out, a .pem file would look something like this:
-----BEGIN CERTIFICATE----- MIIEuTCCA6G[snip lots of chars] XmCpajQ== -----END CERTIFICATE-----
And a .der file would look like this:
0▒▒0▒▒▒@*▒H▒▒▒▒▒0 0▒▒1 0 UUS10U VeriSign, Inc.10U VeriSign Trust Network1:08U
I had this problem also. Just rename the CER to PEM was enough :)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With