Difference between revisions of "Seon Core - changing certificate format (PEM & DER)"
(→Converting file format) |
|||
Line 27: | Line 27: | ||
=== DER format === | === DER format === | ||
The DER format is a binary formatted file which is not human-readable. Windows system often refer to the certificate filename extension "<code".der</code>". | The DER format is a binary formatted file which is not human-readable. Windows system often refer to the certificate filename extension "<code".der</code>". | ||
+ | |||
+ | === P7B format === | ||
+ | The P7B format is a container which may contain one or more certificates. It may be DER or PEM formatted (see above). | ||
== Converting line ending == | == Converting line ending == |
Revision as of 15:49, 6 November 2012
Some systems (mainly Windows systems) rely on the correct certificate format and/or filename extension. For these, it's important to provide certificates in the requested format.
Contents
Formats
Certificates can be saved in different formats. The main used formats are being discussed here.
PEM format
In Seon, (nearly) all certificates files are used in PEM format. This format is ASCII based, but not human-readable. Example:
-----BEGIN CERTIFICATE----- MIIIDjCCA/agAwIBAgIKDHqkbqj+u6Pu5zANBgkqhkiG9w0BAQUFADCBizELMAkG A1UEBhMCREUxFjAUBgNVBAcMDUhvbHpnZXJsaW5nZW4xFTATBgNVBAoMDGMtd29y a3MgR21iSDEVMBMGA1UECwwMQ2VydGlmaWNhdGVzMREwDwYDVQQDDAhPRlRQMiBD .... .... XzzlP6zaRt8unDhj35nUzCdXUYsm9b1zgSJYuE5B7vu+aMB4/T9i1DhLn8RopIVg /vJihDj34jNKGRFMAIlLirvpn7nJJ2NIE0u+cpF70IcDkZ9Wqduy7OUr+PRz5wB+ 1ZOcWL2hOIxxNP5PcqIYAiwmvjDXfgzJqbPw1qoPYQRxHSo+cMLHDq+7U9cC0AMR 8/o= -----END CERTIFICATE-----
In Windows, these files may have the following file extensions:
.cer .pem
Depending on your system, you can directly import these certificates. Maybe you need to rename the file extension from ".pem
" to ".cer
".
DER format
The DER format is a binary formatted file which is not human-readable. Windows system often refer to the certificate filename extension "<code".der</code>".
P7B format
The P7B format is a container which may contain one or more certificates. It may be DER or PEM formatted (see above).
Converting line ending
If the Windows based system is not able to import your certificate, it may be needed to change the Unix line ending ("line feed") to the Windows format ("carriage return & line feed"). You can make this conversion in several ways:
root@seonbox:/tmp# unix2dos certificateFile.cer unix2dos: File certificateFile.cer will be formatted to DOS format ...
Using "sed
" (i.e. if "unix2dos" is not installed):
sed 's/$'"/`echo \\\r`/" certificateFile.cer > certificateFile_windows.cer
Converting file format
If the remote side needs another certificate format, you have to change it.
Convert from PEM to DER
openssl x509 -in inputCertificate.pem -out outputCertificate.der -inform PEM -outform DER
Convert from DER to PEM
openssl x509 -in inputCertificate.der -out outputCertificate.pem -inform DER -outform PEM