4.10.1 ProblemYou have an SSL certificate in binary format, and you want to convert it to text-based PEM format. 4.10.2 Solution$ openssl x509 -inform der -in filename -out filename.pem 4.10.3 DiscussionIt may happen that you obtain a CA certificate in a different format. If it appears to be a binary file (often with the filename extension .der or .crt), it is probably the raw DER-encoded form; test this with: $ openssl x509 -inform der -text -in filename DER stands for Distinguished Encoding Rules, an encoding for ASN.1 data structures; X.509 certificates are represented using the ASN.1 standard. The openssl command uses PEM encoding by default. You can convert a DER-encoded certificate to PEM format thus: $ openssl x509 -inform der -in filename -out filename.pem 4.10.4 See Alsoopenssl(1). |