Controller Based WLANs

 View Only
last person joined: one year ago 

APs, Controllers, VIA
Back to Library

How do I find out if my X.509 certificate is in PEM, DER, or pkcs12 format? How do I choose the right certificate format when uploading it to the controller? 

Jul 01, 2014 07:31 PM

Product and Software: This article applies to all Aruba controllers and Aruba OS 3.1.1 and later.
 
Question 
I have a certificate to upload to the Aruba controller. How do I find out if it is in PEM, DER, or pkcs12 format?
 
Answer 
Open the certificate using a text editor like Notepad and see if it is in text format.
 
Example: 
 
-----BEGIN CERTIFICATE----- 
MIIDijCCAvOgAwIBAgIJAKRvtQxONVZoMA0GCSqGSIb3DQEBBAUAMIGLMQswCQYD 
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJU3Vubnl2YWxl 
MSAwHgYDVQQKExdBcnViYSBXaXJlbGVzcyBOZXR3b3JrczEMMAoGA1UECxMDVEFD 
MSMwIQYDVQQDExpteXNlcnZlci5hcnViYW5ldHdvcmtzLmNvbTAeFw0wODA0MzAy 
MzM3MDJaFw0xMDA0MzAyMzM3MDJaMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK 
Q2FsaWZvcm5pYTESMBAGA1UEBxMJU3Vubnl2YWxlMSAwHgYDVQQKExdBcnViYSBX 
aXJlbGVzcyBOZXR3b3JrczEMMAoGA1UECxMDVEFDMSMwIQYDVQQDExpteXNlcnZl 
ci5hcnViYW5ldHdvcmtzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA 
zRwqc9prVXycGhHcsAjGPzC2MKU4DhXSr86Z89Jk8/cXEJBJ0C/NgdAqqDgxneUh 
nVyxGxODa7BNGAWSagdCsKLrbkchr479E3xLfgdc3UzAJITLGCXGiQ66NwQDyM5I 
G/xKYm4oqgyOE/lFTTkK0M8V0NmmJynyOCYC/AwQKjMCAwEAAaOB8zCB8DAdBgNV 
HQ4EFgQUM5btT6IlPGkLTTPvFccTVURO1p0wgcAGA1UdIwSBuDCBtYAUM5btT6Il 
PGkLTTPvFccTVURO1p2hgZGkgY4wgYsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD 
YWxpZm9ybmlhMRIwEAYDVQQHEwlTdW5ueXZhbGUxIDAeBgNVBAoTF0FydWJhIFdp 
cmVsZXNzIE5ldHdvcmtzMQwwCgYDVQQLEwNUQUMxIzAhBgNVBAMTGm15c2VydmVy 
LmFydWJhbmV0d29ya3MuY29tggkApG+1DE41VmgwDAYDVR0TBAUwAwEB/zANBgkq 
hkiG9w0BAQQFAAOBgQBp71WeF6dKvqUSO1JFsVhBeUesbEgx9+tx6eP328uL0oSC 
fQ6EaiXZVbrQt+PMqG0F80+4wxVXug9EW5Ob9M/opaCGI+cgtpLCwSf6CjsmAcUc 
b6EjG/l4HW2BztYJfx15pk51M49TYS7okDKWYRT10y65xcyQdfUKvfDC1k5P9Q== 
-----END CERTIFICATE-----
 
If the certificate is in text format, then it is in PEM format.
You can read the contents of a PEM certificate (cert.crt) using the 'openssl' command on Linux or Windows as follows:
 
openssl x509 -in cert.crt -text
 
 
If the file content is binary, the certificate could be either DER or pkcs12/pfx. To find out which format, run the following 'openssl' commands to open the certificate:
 
To open a DER certificate: 
openssl x509 -in cert.crt -inform DER -text
 
To display pkcs12 certificate information:
openssl pkcs12 -in cert.crt -info
 
 
 
Important Note for Server Certificates
If the controller did not generate the certificate request for the server certificate to be uploaded, the certificate file should contain the private key and the certificate. Otherwise, the server certificate will not work.

Statistics
0 Favorited
5 Views
0 Files
0 Shares
0 Downloads

Related Entries and Links

No Related Resource entered.