Samooramad
asked on
openssl x509 conversion from DER to PEM is failing on Apache server
Hi Experts,
I have a certificate installed on a server and had been facing problems with it. Now I found a note by the previous developer saying certificates need to be converted from DER format to PEM format using the openssl x509 command.
I navigated to the location of the certificate and ran the command as he wrote it and got these errors (attached image). Appreciate your help
certificatesError.jpg
I have a certificate installed on a server and had been facing problems with it. Now I found a note by the previous developer saying certificates need to be converted from DER format to PEM format using the openssl x509 command.
I navigated to the location of the certificate and ran the command as he wrote it and got these errors (attached image). Appreciate your help
certificatesError.jpg
ASKER
Sorry not sure I get your point, could you please elaborate
ASKER
I want to convert to PEM not to DER. Is there any way to convert directly to PEM format?
I just have reproduced Your error. It shown when I supplies the "-in something.crt" already in PEM format(or at least not DER).
So I suppose Your sagia.crt is already PEM or at least not DER.
How does the file look inside? DER is binary format, PEM base64 encoded?
PEM starts with "-----BEGIN CERTIFICATE-----" line...
BTW: don't attach the certificate file here, unless You 200% sure the private key is in separate file(private key may be bundled into certificate file).
So I suppose Your sagia.crt is already PEM or at least not DER.
How does the file look inside? DER is binary format, PEM base64 encoded?
PEM starts with "-----BEGIN CERTIFICATE-----" line...
BTW: don't attach the certificate file here, unless You 200% sure the private key is in separate file(private key may be bundled into certificate file).
ASKER
When I open the file I see it in Windows console with the information on it... so how do I view the text you mentioned? Or did you mean the certificate request file?
> Or did you mean the certificate request file?
No.
> When I open the file I see it in Windows console with the information on it... so how do I view the text you mentioned?
Windows? Notepad maybe?
No.
> When I open the file I see it in Windows console with the information on it... so how do I view the text you mentioned?
Windows? Notepad maybe?
ASKER
opened it and it has "-----BEGIN CERTIFICATE-----" and also "-----ENDCERTIFICATE-----"
tags in the file, does this mean it is PEM format?
tags in the file, does this mean it is PEM format?
Yes, then it's already PEM format.
ASKER
couldn't be any other format?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
sorry for the delay replying.. I was traveling and just saw this. Let me check again and will post soon. Thanks!
ASKER
yeah the key I created begins with
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E1493D1996EE5
and ends with
-----END RSA PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,E1493D1996EE5
and ends with
-----END RSA PRIVATE KEY-----
the answer is:
"The certificate is not in the correct format for OpenSSL. If you look at
it is is base64 encoded all on one line. You can convert to DER with:
openssl base64 -d -A -in 1.cer -out 1.der"
bye