SSL Convert

PEM Format

The PEM format is the most common format among SSL certificates issued by certification authorities. This type of certificate contains the following lines : "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". Certificates with the .pem extension are identical to the .crt or .cer extensions.
It is thus possible for you to modify the extension of these files. PEM certificates can contain both the certificate and the private key in the same file. However, most servers like Apache want you to separate them into separate files.

• PEM certificates have the .pem, .crt, .cer and .key extensions
• They are encoded in ASCII Base64 format
• They are generally used for Apache servers or similar configurations

DER Format

The DER format is simply a binary form of a certificate at the expense of the ASCII PEM format. There are often two forms of extension in .cer and .der The only way to determine the difference between a DER .cer file and a PEM .cer file is to open it in a text editor and check for the BEGIN/END text
Both types of certificates and private keys can be encoded in DER format. DER is usually used with Java platforms. If you need to convert a private key to DER format, you can use the OpenSSL commands on this site

PKCS#7 and P7B Format

The PKCS#7 or P7B format is encoded in ASCII Base64 format. This type of certificate contains the following lines: "-----BEGIN PKCS7-----" et "-----END PKCS7-----". The particularity of the p7B file is that it only contains certificates and string certificates and not the private key.

• They have the .p7b and .p7c extensions
• They are generally used for Microsoft windows and Java Tomcat servers

PKCS#12 and PFX Format

The PKCS#12 or PFX format is encoded in binary format. This type of certificate stores the server certificate as well as the intermediate certificates and the private key in a single encrypted file.

PFX files usually come with extensions such as .pfx, .p12 or .pkcs#12. You can rename the extension of .pfx files to .p12 and vice versa. PFX formats are typically used on Windows servers to import and export certificates and private keys.

When converting a PFX file to a PEM file, all certificates and the private key are integrated into a single file. It will be necessary to separate the different parts of the file into separate files. To do this, here is the method:"

To do this, it is necessary to open the file in a text editor and copy each certificate and private key (including the BEGIN/END statements) into an individual text file and save them as certificate.cer, CACert.cer and privateKey.key respectively.