How to convert SSL certificate in Linux/CentOS?
To convert certificates from one format to different formats, one needs to have the OpenSSL Linux package installed. OpenSSL package is installed on Airwave by default.
Use the below commands to convert certificates and keys to different formats to make them compatible with specific types of servers or software.
Convert a DER file (.crt .cer .der) to PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem
Convert a PEM file to DER
openssl x509 -outform der -in certificate.pem -out certificate.der
Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
You can add -nocerts to only output the private key or add -nokeys to only output the certificates.
Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
The names of the certificates vary depending on how the user gets them from the Certificate Authority. The location where the certificate needs to be stored can be added in the command as well.
openssl x509 -inform der -in /tmp/certificate.cer -out /tmp/certificate.pem
In the command above /tmp is the location directory where the certificate is placed.
Install the converted certificates as required to verify that the conversion was successful