Focus on cloud service provider activities
Notes on website operation and maintenance
Current location: Lao Zuo's Notes > Host Tutorial > text

Use OpenSSL command to convert SSL certificate formats

2017-07-27 11:11:52 Classification: Host Tutorial

Whether we buy an SSL certificate from a merchant or obtain a certificate for free, if we need to deploy it to a panel or server WEB environment, the corresponding format requirements may be different. For example, when a netizen deploys an SSL certificate in Mormon Cloud CDN, because it can only support PEM format certificates, it needs to convert the original certificates that may not be in the original format.

There are also many ways to convert formats. The simplest and most direct way is to directly use the OpenSSL software that comes with Linux. Lao Zuo is going to record the common format conversion (Certificates Formats) through this article.

Before we prepare the format conversion, we need to find a Linux VPS with OpenSSL software installed. If not, we can install it ourselves.

First, PEM to PKCS7

openssl crl2pkcs7 -nocrl -certfile your_pem_certificate.crt -out your_pkcs7_certificate.p7b

Use OpenSSL command to convert SSL certificate formats - Page 1

Second, PKCS7 to PEM

openssl pkcs7 -print_certs -in your_pkcs7_certificate.p7b -out your_pem_certificates.pem

Third, PEM to PFX

openssl pkcs12 -export -out your_pfx_certificate.pfx -inkey laozuo.key -in laozuo.crt

The password needs to be set twice for PFX. The password needs to be remembered, and it needs to be entered when importing to the project later.

Use OpenSSL command to convert SSL certificate formats - Page 2

Fourth, PFX to PEM

openssl pkcs12 -in your_pfx_certificate.pfx -out your_pem_certificates_and_key.pem -nodes

You need to prompt us to enter the password of the PFX certificate before transferring.

Fifth, PKCS7 to PFX

PKCS7 cannot be directly converted to PFX. We need to first convert PKCS7 to PEM and then PEM to PFX through the above method.

openssl pkcs7 -print_certs -in your_pkcs7_certificate.p7b -out your_pem_certificates.pem

openssl pkcs12 -export -out your_pfx_certificate.pfx -inkey your_private.key -in your_pem_certificate.crt

In conclusion, when converting the SSL certificate format, we need to throw some certificate formats to the current directory where the openssl conversion command is executed, and the file names need to correspond.

AD: [Hong Kong ECS] Megalayer US/Hong Kong ECS 199 yuan
Domain name host preferential information push QQ group: six hundred and twenty-seven million seven hundred and seventy-five thousand four hundred and seventy-seven Get preferential promotion from merchants.
Like( zero )
Do not reprint without permission: Lao Zuo's Notes » Use OpenSSL command to convert SSL certificate formats
label:


Scan the code to follow the official account

Get more news about webmaster circle!
Entrepreneurship, operation and new knowledge

You may also like these contents:

Recommended by cheap cloud service providers

Domestic and foreign mainstream cheap VPS providers

Every year, we will see the emergence and disappearance of many domestic and foreign cheap VPS hosting companies, but ultimately there are still some mainstream service providers that are relatively stable

Recommended by domain name registration service provider

Domestic and foreign domain name registrars

When choosing a domain name registrar, we don't care how cheap the business is. What matters more is the stability and security of the business. These domain name registrars are worth choosing

Recommended excellent servers in Hong Kong

Hong Kong server rental merchants

The Hong Kong server has the same speed and performance as the mainland computer room. If we have some Chinese businesses that need better speed, we can choose the Hong Kong server

Recommended content

Popular articles