Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

OpenSSL encoding errors while converting cer to pem

I`m trying to convert the .cer file to .pem through openssl, the command is:

openssl x509 -inform der -in certnew.cer -out ymcert.pem 

and that's the errors I`m getting:

unable to load certificate 140735105180124:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319: 140735105180124:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509 

What am I doing wrong?

like image 554
Arthur Kushman Avatar asked Jan 07 '13 07:01

Arthur Kushman


People also ask

Can we convert CER to PEM?

cer, and . key. They are Base64 encoded ASCII files and contain "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" statements. Server certificates, intermediate certificates, and private keys can all be put into the PEM format.


2 Answers

Like explained by ssl.com, a .cer file can be either in der or pem encoding. If it is in der encoding, you'll need to do conversion like you have tried, but if it is already in pem encoding, no conversion is necessary and you get the error you've got if you try - and you can just rename the file.

If you're unsure, it is good to know that .der is a binary format, whereas .pem is ascii one. If you echo the contents of your certificate out, a .pem file would look something like this:

-----BEGIN CERTIFICATE----- MIIEuTCCA6G[snip lots of chars] XmCpajQ== -----END CERTIFICATE----- 

And a .der file would look like this:

0▒▒0▒▒▒@*▒H▒▒▒▒▒0 0▒▒1     0   UUS10U VeriSign, Inc.10U                  VeriSign Trust Network1:08U 
like image 176
eis Avatar answered Sep 22 '22 17:09

eis


I had this problem also. Just rename the CER to PEM was enough :)

like image 29
L0g0ff Avatar answered Sep 23 '22 17:09

L0g0ff