Monday, January 25, 2010

PEM from/to P12

I commonly need to convert between PEM and p12

Is an ASCII format and can be opened with a text editor. It is used by most SSL-based tools. Key and certificate are two separate files.
Acutally: Pkcs12 is used by most browsers. Key and certificate are in one file.

PEM to P12

You need both the key and the certificate:

openssl pkcs12 -export -in usercert.pem -inkey userkey.pem -out bundle.p12

P12 to PEM

openssl pkcs12 -in bundle.p12 -out userkey.pem -nodes -clcerts

The resulting file contains both the key and certificate. Use a text editor to split into two files again.