Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 515
  • Last Modified:

openssl x509 conversion from DER to PEM is failing on Apache server

Hi Experts,

I have a certificate installed on a server and had been facing problems with it. Now I found a note by the previous developer saying certificates need to be converted from DER format to PEM format using the openssl x509 command.

I navigated to the location of the certificate and ran the command as he wrote it and got these errors (attached image). Appreciate your help
certificatesError.jpg
0
Samooramad
Asked:
Samooramad
  • 7
  • 4
1 Solution
 
fcontrepoisCommented:
http://rt.openssl.org/Ticket/Display.html?id=2007&user=guest&pass=guest

the answer is:
"The certificate is not in the correct format for OpenSSL. If you look at
it is is base64 encoded all on one line. You can convert to DER with:

openssl base64 -d -A -in 1.cer -out 1.der"

bye
0
 
SamooramadAuthor Commented:
Sorry not sure I get your point, could you please elaborate
0
 
SamooramadAuthor Commented:
I want to convert to PEM not to DER. Is there any way to convert directly to PEM format?
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
ravenplCommented:
I just have reproduced Your error. It shown when I supplies the "-in something.crt" already in PEM format(or at least not DER).
So I suppose Your sagia.crt is already PEM or at least not DER.
How does the file look inside? DER is binary format, PEM base64 encoded?
PEM starts with "-----BEGIN CERTIFICATE-----" line...
BTW: don't attach the certificate file here, unless You 200% sure the private key is in separate file(private key may be bundled into certificate file).
0
 
SamooramadAuthor Commented:
When I open the file I see it in Windows console with the information on it... so how do I view the text you mentioned? Or did you mean the certificate request file?
0
 
ravenplCommented:
> Or did you mean the certificate request file?
No.

> When I open the file I see it in Windows console with the information on it... so how do I view the text you mentioned?
Windows? Notepad maybe?
0
 
SamooramadAuthor Commented:
opened it and it has "-----BEGIN CERTIFICATE-----"  and also "-----ENDCERTIFICATE-----"

tags in the file, does this mean it is PEM format?
0
 
ravenplCommented:
Yes, then it's already PEM format.
0
 
SamooramadAuthor Commented:
couldn't be any other format?
0
 
ravenplCommented:
If if enclosed between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" then it is PEM format.
If there's also private key bounded, it can be encrypted with password. If it is, then You should also find lines similar to
    -----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: DES-EDE3-CBC,C814158661DC1449
    AFAZFbnQNrGjZJ/ZemdVSoZa3HWujxZuvBHzHNoesxeyqqidFvnydA==
    -----END RSA PRIVATE KEY-----

Also, to verify it's PEM try converting to DER :)
openssl x509 -in sagia.crt -outform der -out sagia.crt.der
0
 
SamooramadAuthor Commented:
sorry for the delay replying.. I was traveling and just saw this. Let me check again and will post soon. Thanks!
0
 
SamooramadAuthor Commented:
yeah the key I created begins with
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E1493D1996EE5923


and ends with
-----END RSA PRIVATE KEY-----
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

  • 7
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now