This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Converting Certificate Formats
Converting Certificate Formats

Version management

Difference between version and

At line 1 added 42 lines
!!! Overview
Often it is necessary to convert a [Certificate] from one [Certificate Format] to another often for placing the [Certificate] in one for the [Certificate Keystores].
The [Example] commands provided require the openSSL libraries and tools.
If [OpenSSL] is not on your platform you can [obtain the source|http://www.openssl.org/].
Some [documentation is available|http://www.openssl.org/docs/apps/openssl.html].
[{$pagename}] is often part of a [Data Extraction Transformation] process.
!! Converting Using [OpenSSL]
These commands allow you to convert [certificates] and keys to different formats to make them compatible with specific types of servers or software. For example, you can convert a normal [PEM|Privacy-Enhanced Mail] file that would work with Apache to a PFX ([PKCS#12|PKCS12]) file and use it with Tomcat or IIS.
You can use some of the [online SSL Converters|https://www.sslshopper.com/ssl-converter.html|target='_blank'] to convert certificates without messing with OpenSSL.
! Convert a [DER|Distinguished Encoding Rules] file (.crt .cer .der) to [PEM|Privacy-Enhanced Mail]
{{{
openssl x509 -inform der -in certificate.cer -out certificate.pem
}}}
! Convert a [PEM|Privacy-Enhanced Mail]file to [DER|Distinguished Encoding Rules]
{{{
openssl x509 -outform der -in certificate.pem -out certificate.der
}}}
! Convert a [PKCS#12|PKCS12] file (.pfx .p12) containing a private key and certificates to [PEM|Privacy-Enhanced Mail]
{{{
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
}}}
You can add -nocerts to only output the private key or add -nokeys to only output the certificates.
! Convert a [PEM] certificate file and a private key to [PKCS#12|PKCS12] (.pfx .p12)
{{{
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
}}}
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [The Most Common OpenSSL Commands|http://www.sslshopper.com/article-most-common-openssl-commands.htmltarget='_blank'] - based on 2013-11-19
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop