June 2003
Intermediate to advanced
336 pages
8h 54m
English
Content preview from Linux Security CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
4.10. Converting SSL Certificates from DER to PEM
Problem
You have an SSL certificate in binary format, and you want to convert it to text-based PEM format.
Solution
$ openssl x509 -inform der -infilename-outfilename.pem
Discussion
It may happen that you obtain a CA certificate in a different format. If it appears to be a binary file (often with the filename extension .der or .crt), it is probably the raw DER-encoded form; test this with:
$ openssl x509 -inform der -text -in filenameDER stands for Distinguished Encoding Rules, an encoding for ASN.1 data structures; X.509 certificates are represented using the ASN.1 standard. The openssl command uses PEM encoding by default. You can convert a DER-encoded certificate to PEM format thus:
$ openssl x509 -inform der -infilename-outfilename.pem
See Also
openssl(1).