Generally your certificate comes in 2 formats:
X.509 and PKCS #7 which includes the Intermediate CA.
X509 File Extensions
The first thing we have to understand is what each type of file extension is.
[root@pg8873 2014_cert]# pwd
/home/pkg/2014_cert
[root@pg8873 2014_cert]# ls -l
total 44
-rwxr-xr-x 1 root root 26 Mar 11 16:13 passphrase-file
-rw-r--r-- 1 root root 2194 Mar 11 16:13 pgstars.2014.crt
-rw-r--r-- 1 root root 1110 Mar 11 16:14 pgstars.2014.csr
-rw-r--r-- 1 root root 1751 Mar 11 16:13 pgstars.2014.key
-rw-r--r-- 1 root root 6022 Mar 13 16:32 pgstars.p7b
Download the cert in both the formats,
PKCS #7 format save as .p7b
X.509 format save as .crt
Convert P7B to PFX
————————————————————————————————————
$ openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
$ openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile CAcert.cer
————————————————————————————————————
Example:
[root@pg8873 2014_cert]# openssl pkcs7 -print_certs -in pgstars.p7b -out pgstars.2014.cer
[root@pg8873 2014_cert]# openssl pkcs12 -export -in pgstars.2014.cer -inkey pgstars.2014.key -out pgstars.2014.pfx -certfile pgstars.2014.crt
Enter pass phrase for stars.2014.key:
Enter Export Password:
Verifying - Enter Export Password:
PFX
Convert PFX to PEM
——————————————————————————————–
$ openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes
——————————————————————————————–
NOTE: While converting PFX to PEM format, openssl will put all the Certificates and Private Key into a single file. You will need to open the file in Text editor and copy each Certificate & Private key(including the BEGIN/END statements) to its own individual text file and save them as certificate.cer, CAcert.cer, privateKey.key respectively.
Example:
[root@pg8873 2014_cert]# openssl pkcs12 -in stars.2014.pfx -out stars.2014.new2.pem -nodes
Enter Import Password:
MAC verified OK
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment