Convert SSL

To enable encryption on the site, different servers require different formats of SSL certificates. SSL converter changes 6 format files in an easy and fast way. Choose the one which is required: PEM, DER, PKCS#7, P7B, PKCS#12 or PFX.

If your certificate was issued in the format not compatible with the server, convert it below:

  • find current type,
  • check the new format,
  • select your certificate file,
  • click convert button.
Current type:
Change for:

* - required

PEM format

It is the most common format that Certificate Authorities issue certificates in. Intermediate and Root CA certificates can be available in this format as well. Usually files have extensions such as .pem, .crt, .cer or .key (all contains BEGIN ans END lines). They are Base64 encoded.

PEM is compatible with the Apache server and similar. During installation most platforms expect certificates and the private key to be separate.

DER format

It is a binary form of PEM. It has extension .der or .cer.

DER is typically used with Java platforms. Converter can change the type of certificate to this format – to change a private key, please use OpenSSL commands.

PKCS#7 or P7B format

Is usually stored in Base64 format and has extension .p7b or .p7c. Files in this format contain lines „-----BEGIN PKCS7-----” and „-----END PKCS7-----”. This format is just for certificates, not for private key.

PKCS#7 and P7B are installed on Microsoft Windows and Java Tomcat servers.

PKCS#12 or PFX format

Is binary format storing the server certificate, intermediates certificates, and private key in one file. Usually has the extension .pfx or .p12. Typically are used on Windows machines.

When converting PFX format to PEM, in one file will be included all certificates and private key. To separate it, you need to open this file in a simple text editor, copy every single part (with BEGIN and END lines) to different files and save it as certificate.cer, CACert.cer and privatekey.key.

Click here to convert formats with OpenSSL commands.