For TLS implementation in EBS it support PEM format.
- From PFX (.p12 / .pfx): To export the certificate and private key together:
openssl pkcs12 -in certificate.pfx -out certificate.pem -nodes - From DER (.cer / .der): To convert a binary DER file to a text PEM file:
openssl x509 -inform der -in certificate.cer -out certificate.pem - From P7B (.p7b): To convert a PKCS#7 file:
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem - Open certmgr.msc (User) or certlm.msc (Local Computer).
- Right-click your certificate → All Tasks → Export.
- Select Base-64 encoded X.509 (.CER). This format is functionally identical to PEM.
- Complete the wizard and save the file. You can manually rename the extension from
.certo.pemif required by your application. - Chrome/Edge: Click the Padlock icon → Connection is secure → Certificate is valid → Details → Export. Choose Base-64 encoded X.509 or PEM if available.
- Firefox: Click the Padlock → Connection secure → More Information → View Certificate → Details → Export.
- Open a text editor like Notepad.
- Paste the contents of the certificate (including
-----BEGIN CERTIFICATE-----and-----END CERTIFICATE-----). - Paste the contents of the private key immediately below it.
- Save the file with a
.pemextension.
Exporting a certificate in PEM format depends on your current file type (e.g., .pfx, .cer, .der) or the tool you are using.
1. Using OpenSSL (Cross-Platform)
OpenSSL is the most common tool for converting certificates.
2. Using Windows Certificate Export Wizard
If the certificate is already installed on your Windows system:
3. Using a Web Browser
To export a certificate from a website:
4. Manual Creation (Combining Files)
If you have separate
.crt and .key files and need a single .pem file: