Jump to content

OpenSSL/PEM

From Wikibooks, open books for an open world

PEM stands for Privacy-enhanced Electronic Mail, it's a standard for a public-key cryptography.

Syntax

[edit | edit source]

A PEM key must be stored in a file, preferably .pem, beginning and ending by these lines :

-----BEGIN CERTIFICATE REQUEST-----
...
-----END CERTIFICATE REQUEST-----

In Linux, we can identify the PEM certificates with the file command:

file MyCertificate.crt
MyCertificate.crt: PEM certificate request

Conversion

[edit | edit source]

To convert a DER certificate to a PEM one:

openssl x509 -inform DER -in /etc/apache2/ssl/MyCertificate.crt -outform PEM -out /etc/apache2/ssl/MyCertificate.pem