JA T3 Framework

Fast. Flexible. Powerful

Contact

Converting a pfx certificate to the pem format

When installing simpleSAMLphp you will need a certificate in the pem format to sign and encrypt. But most often certificates is given it pfx format or its needed to wxport certificates from a windows environment.

Exporting the certificate

When doing a certificate export from an exisiting Windows webserver:

  1. Select "Yes, export the private key",  "Include all certificates in the certification path if possible", "Enable Strong Protection
  2. Select a password for the export file
  3. Select a name for the exportfile  "something.pfx" and save.
  4. Now you can copy the file to the unix-server where you need the certificate.

Converting the pfx file

In order to convert the certificate from pfx to pem format use the following openSSL command:

openssl pkcs12 -in <something>.pfx -out <something>.pem -nodes

If the certificate is protected by a password, you will be prompted for the password. Enter your password and the export is done.

Options

''pkcs12''

The pkcs12 command allows PKCS#12 files (sometimes referred to as PFX files) to be created and parsed.

''-in filename''

This specifies filename of the PKCS#12 file to be parsed. Standard input is used by default.

''-out filename''

The filename to write certificates and private keys to, standard output by default. They are all written in PEM format.

''-nodes''

Do not encrypt the private keys at all.

For more help using openSSL visit the homepage for [http://www.openssl.org].

WAYF – Where Are You From
Asmussens Allé, Building 305
DK-2800 Lyngby
Denmark

www.wayf.dk
sekretariat@wayf.dk

line
You are here: