Our SSL Converter allows you to quickly and easily convert SSL Certificates into 6 formats such as PEM, DER, PKCS#7, P7B, PKCS#12 and PFX. Depending on the server configuration (Windows, Apache, Java), it may be necessary to convert your SSL certificates from one format to another.
If one of your certificates is not in the correct format, please use our SSL converter:
Operation
Certificate conversion
The PEM format is the most common format among SSL certificates issued by certification authorities. This type of certificate contains the following lines : "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Certificates with the .pem extension are identical to the .crt or .cer extensions. It is thus possible for you to modify the extension of these files. PEM certificates can contain both the certificate and the private key in the same file. However, most servers like Apache want you to separate them into separate files.
The DER format is the binary format of the PEM.
The PKCS#7 or P7B format is encoded in ASCII Base64 format. This type of certificate contains the following lines: "-----BEGIN PKCS7-----" et "-----END PKCS7-----". The particularity of the p7B file is that it only contains certificates and string certificates and not the private key.
The PKCS#12 or PFX format is encoded in binary format. This type of certificate stores the server certificate as well as the intermediate certificates and the private key in a single encrypted file. Certificates with the .p12, .pksc#12 or .pfx extensions are identical. You can rename the extension of .pfx files to .p12 and vice versa.
Please note: When converting a PFX file to a PEM file, all certificates and the private key are integrated into a single file. It will be necessary to separate the different parts of the file into separate files. To do this, here is the method:
It is recommended to convert your files directly using OpenSSL commands to keep your private key secret. To do this, please use the following commands to convert your files into different formats. If this has been impossible for you, rest assured, our SSL converter ensures you complete protection of your data, which is never stored.
openssl x509 -outform der -in certificate.pem -out certificate.der
openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
openssl x509 -inform der -in certificate.cer -out certificate.pem
openssl x509 -inform der -in certificat-ssl.der -out certificat-ssl.cer
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CACert.cer
openssl pkcs7 -print_certs -in certificat-ssl.p7b -out certificat-ssl.cer
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
openssl crl2pkcs7 -nocrl -certfile certificat-ssl.cer -certfile cert-intermediaire.cer -certfile cert-racine.cer -out certificat-ssl.p7b
openssl pkcs12 -in certificat-ssl.cer -certfile cert-intermediaire.cer -certfile cert-racine.cer -inkey cle-privee.key -export -out certificat-ssl.pfx
openssl x509 -in certificat-ssl.cer -outform der -out certificat-ssl.der