HTTPCSEuropean cybersecurity leader

| About us
HTTPCS SECURITY
Demo package Enter your web application/Site URL
  1. Httpcs
  2. SSL certificates
  3. Certificate conversion

SSL Converter to different formats

Our SSL Converter allows you to quickly and easily convert SSL Certificates into 6 formats such as PEM, DER, PKCS#7, P7B, PKCS#12 and PFX. Depending on the server configuration (Windows, Apache, Java), it may be necessary to convert your SSL certificates from one format to another.


  • Microsoft Windows servers use .pfx files
  • Apache servers use .crt, .cer

If one of your certificates is not in the correct format, please use our SSL converter:

Operation

  • 1Choose your current certificate format
  • 2Select the desired final conversion format
  • 3Download the file containing your SSL certificate
  • 4Click on the convert button

Certificate conversion

SSL certificates

The different SSL certificate formats

PEM Format

The PEM format is the most common format among SSL certificates issued by certification authorities. This type of certificate contains the following lines : "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Certificates with the .pem extension are identical to the .crt or .cer extensions. It is thus possible for you to modify the extension of these files. PEM certificates can contain both the certificate and the private key in the same file. However, most servers like Apache want you to separate them into separate files.

  • PEM certificates have the .pem, .crt, .cer and .key extensions
  • They are encoded in ASCII Base64 format
  • They are generally used for Apache servers or similar configurations

DER Format

The DER format is the binary format of the PEM.

  • DER certificates have the .der, .cer extensions
  • They are generally used for JAVA servers

PKCS#7 and P7B Format

The PKCS#7 or P7B format is encoded in ASCII Base64 format. This type of certificate contains the following lines: "-----BEGIN PKCS7-----" et "-----END PKCS7-----". The particularity of the p7B file is that it only contains certificates and string certificates and not the private key.

  • They have the .p7b and .p7c extensions
  • They are generally used for Microsoft windows and Java Tomcat servers

PKCS#12 and PFX Format

The PKCS#12 or PFX format is encoded in binary format. This type of certificate stores the server certificate as well as the intermediate certificates and the private key in a single encrypted file. Certificates with the .p12, .pksc#12 or .pfx extensions are identical. You can rename the extension of .pfx files to .p12 and vice versa.

  • They have as .pfx and .p12 extensions
  • They are generally used for Microsoft windows servers

Please note: When converting a PFX file to a PEM file, all certificates and the private key are integrated into a single file. It will be necessary to separate the different parts of the file into separate files. To do this, here is the method:

  • Open the file in a text editor,
  • Copy all certificates and private key including lines (BEGIN/END) into separate files
  • Save the files in the following formats: certificate.cer, CACert.cer and privateKey.key.
SSL certificates

OpenSSL commands for your conversion

It is recommended to convert your files directly using OpenSSL commands to keep your private key secret. To do this, please use the following commands to convert your files into different formats. If this has been impossible for you, rest assured, our SSL converter ensures you complete protection of your data, which is never stored.

Convert PEM

PEM to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

PEM to P7B

openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer

PEM to PFX

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

Convert DER

DER(.crt .cer .der) to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem

DER to CER

openssl x509 -inform der -in certificat-ssl.der -out certificat-ssl.cer

Convert P7B

P7B to PEM

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer

P7B to PFX

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer

P7B to CER

openssl pkcs7 -print_certs -in certificat-ssl.p7b -out certificat-ssl.cer

Convert PFX

PFX to PEM

openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

Convert CER

CER to P7B

openssl crl2pkcs7 -nocrl -certfile certificat-ssl.cer -certfile cert-intermediaire.cer -certfile cert-racine.cer -out certificat-ssl.p7b

CER to PFX

openssl pkcs12 -in certificat-ssl.cer -certfile cert-intermediaire.cer -certfile cert-racine.cer -inkey cle-privee.key -export -out certificat-ssl.pfx

CER to DER

openssl x509 -in certificat-ssl.cer -outform der -out certificat-ssl.der
See all SSL certificates