Log in Go to the main page Page Discussion History Go to the file list Go to the site toolbox

Convert File Formats, Using OpenSSL

From RZWiki


Linux-logo-large.png Application-certificate.svg

Instructions on how to convert various SSL certificate and key files to other formats using the OpenSSL command line program. In most cases there are a number of ways to do the same thing but in some cases the command and options used will depend on the format and contents of the files you start with.

UNote:/U File extensions are not required and can even be wrong and will not affect OpenSSL command operation. However, they are useful for easily identifying a file's format.

This article covers most common requirements but is not yet complete. If you can suggest any additions please do get in touch using the information found at the bottom of the article.

Contents

Application-certificate-medium.png From PEM To...

DER

openssl font color=deepskybluex509 -informat/font font color=darkvioletpem/font font color=deepskyblue-outformat/font font color=darkvioletder/font font color=deepskyblue-in/font font color=darkorangemy-file.pem/font font color=deepskyblue-out/font font color=darkorangemy-file.der/font
openssl font color=deepskybluedsa -informat/font font color=darkvioletpem/font font color=deepskyblue-outformat/font font color=darkvioletder/font font color=deepskyblue-in/font font color=darkorangemy-file.pem/font font color=deepskyblue-out/font font color=darkorangemy-file.der/font
openssl font color=deepskybluersa -informat/font font color=darkvioletpem/font font color=deepskyblue-outformat/font font color=darkvioletder/font font color=deepskyblue-in/font font color=darkorangemy-file.pem/font font color=deepskyblue-out/font font color=darkorangemy-file.der/font

PKCS12

openssl font color=deepskybluepkcs12 -export -in/font font color=darkorangepem-certificate-and-key-file/font font color=deepskyblue-out/font font color=darkorangepkcs-12-certificate-and-key-file/font
openssl font color=deepskybluepkcs12 -export -in/font font color=darkorangepem-certificate-file/font font color=deepskyblue-inkey/font font color=darkorangepem-key-file/font font color=deepskyblue-out/font font color=darkorangepkcs-12-certificate-and-key-file/font
openssl font color=deepskybluepkcs12 -export -in/font font color=darkorangepem-certificate-file/font font color=deepskyblue-nokeys -nodes -out/font font color=darkorangepkcs-12-certificate-file/font

Application-certificate-medium.png From NET To...

These files frequently have a .ick extension.

PEM

openssl font color=deepskybluepkcs8 -nocrypt/font font color=deepskyblue-informat/font font color=darkvioletnet/font font color=deepskyblue-outformat/font font color=darkvioletpem/font font color=deepskyblue-in/font font color=darkorangemy-file.ick/font font color=deepskyblue-out/font font color=darkorangemy-file.pem/font

Application-certificate-medium.png From DER To...

PEM

openssl font color=deepskybluex509 -informat/font font color=darkvioletder/font font color=deepskyblue-outformat/font font color=darkvioletpem/font font color=deepskyblue-in/font font color=darkorangemy-file.der/font font color=deepskyblue-out/font font color=darkorangemy-file.pem/font
openssl font color=deepskybluedsa -informat/font font color=darkvioletder/font font color=deepskyblue-outformat/font font color=darkvioletpem/font font color=deepskyblue-in/font font color=darkorangemy-file.der/font font color=deepskyblue-out/font font color=darkorangemy-file.pem/font
openssl font color=deepskybluersa -informat/font font color=darkvioletder/font font color=deepskyblue-outformat/font font color=darkvioletpem/font font color=deepskyblue-in/font font color=darkorangemy-file.der/font font color=deepskyblue-out/font font color=darkorangemy-file.pem/font

Application-certificate-medium.png From PKCS#7 To...

These files frequently have a .p7b extension.

font color=redPKCS#7 Files normally contain both the actual certificate and a CA intermediate certificate combined. Both the commands below will split the original combined certificate into it's two constituant parts, but still in one file so in most cases you will still need to edit the output file in order to install and use the actual certificate./font

PEM

openssl font color=deepskybluepkcs7 -in/font font color=darkorangemy-file.p7b/font font color=deepskyblue-print_certs -out/font font color=darkorangemy-file.pem/font

DER

openssl font color=deepskybluepkcs7 -in/font font color=darkorangemy-file.p7b/font font color=deepskyblue-print_certs -outformat/font font color=darkvioletder/font font color=deepskyblue-out/font font color=darkorangemy-file.der/font

Application-certificate-medium.png From PKCS#12 To...

These files frequently have a .pfx or .p12 extension.

PEM

openssl font color=deepskybluepkcs12 -in/font font color=darkorangenetworkstuff.eu.pfx/font font color=deepskyblueout/font font color=darkorangenetworkstuff.eu.pem/font font color=deepskyblue-nodes -nocerts/font
openssl font color=deepskybluepkcs12 -in/font font color=darkorangepkcs-12-certificate-file/font font color=deepskyblue-out/font font color=darkorangepem-certificate-file/font
openssl font color=deepskybluepkcs12 -in/font font color=darkorangepkcs-12-certificate-and-key-file/font font color=deepskyblue-out/font font color=darkorangepem-certificate-and-key-file/font

Icemon-medium.png Related Articles

Confirm Key File Formats, Using OpenSSL or Check Key File, Using OpenSSL

Check CSR, Using OpenSSL

Our other OpenSSL articles

Information on OpenSSL Commands


Internet-group-chat-small.png We really do appreciate all feedback so please do send your comments, suggestions or corrections to sjiveson#routerzone.eu 
(replacing the # with an @)


Retrieved from "http://www.routerzone.eu/wiki/index.php/Convert_File_Formats,_Using_OpenSSL"

Site Toolbox:

Personal tools
This page was last modified on 13 July 2010, at 13:26. - Disclaimers - About RZWiki
Powered by MediaWiki